The size of and number of networks connecting electronic devices can be quite large with respect to the number of devices connected to the networks as well as in the geographic area covered by the networks. The amount of data that electronic networks can handle may also be very large. Thus, while it is possible to have a human analyze the data in a network in order to detect network intrusion, the sheer volume of work required makes this approach infeasible.
Since discovering network intrusion while attacks are taking place is useful, manufacturers have long sought ways of effectively automating the task of detecting intruders in an electronic network. While some attempts in the computer industry have been made to harness the power of data mining for detecting network intrusion, implementations to-date are relatively inefficient (e.g., involving human labor for updates), or provide less than the desired degree of effectiveness and resistance to attacks (e.g., by using centralized administration, detection, and/or data storage).