In this paper we analyze some intrusion detection strategies
proposed in the literature and we show that they represent the
various facets of a well known formal languages problem: computing
the distance between a string x and a language L. In
particular, the main differences among the various approaches
adopted for building intrusion detection systems can be reduced to
the characteristics of the language L and to the notion of
distance adopted. As a further contribution we will also show that
from the computational point of view all these strategies are
equivalent and they are amenable to efficient parallelization.