Modeling approaches for intrusion detection and prevention system return on investment

Cited by: 0
Authors
Leslie, Nandi O. [1 ]
Marvel, Lisa M. [1 ]
Edwards, Joshua [1 ]
Comroe, Kyra [1 ]
Shearer, Gregory [1 ]
Knachel, Lawrence [1 ]
Affiliation
[1] US Army, Res Lab, 2800 Powder Mill Rd, Adelphi, MD 20783 USA
Source
CYBER SENSING 2017 | 2017 / Vol. 10185
Keywords
Intrusion detection; cybersecurity; metrics; resource utilization; return on investment; ANOMALY DETECTION;
DOI
10.1117/12.2258026
Chinese Library Classification number
O43 [Optics];
Discipline classification code
070207 ; 0803 ;
Abstract
Making decisions about intrusion detection and/or prevention system (IDPS) enhancements is often limited to tool effectiveness (i.e., predictive performance). However, in many cases, the tools in an IDPS are operating in information environments where the malicious behavior is difficult to discern and computational resources are limited. We develop three novel IDPS performance models motivated by the return on investment (ROI) metric, where each model is designed to compare each tool's relative contributions to the system-level performance over multiple scenarios and configurations. Each of our approaches combines statistical accuracy metrics and computational resource costs into one model to facilitate decision making on IDPS configurations.
Pages: 13
Related papers
50 in total
  • [1] The effect of intrusion detection management methods on the return on investment
    Iheagwara, C
    [J]. COMPUTERS & SECURITY, 2004, 23 (03) : 213 - 228
  • [2] Intrusion detection system modeling
    Han, Keesook J.
    Giordano, Joseph
    [J]. PROCEEDINGS OF THE HPCMP USERS GROUP CONFERENCE 2006, 2006, : 229 - 235
  • [3] Immune system approaches to intrusion detection - A review
    Kim J.
    Bentley P.J.
    Aickelin U.
    Greensmith J.
    Tedesco G.
    Twycross J.
    [J]. Natural Computing, 2007, 6 (4) : 413 - 466
  • [4] A COMPREHENSIVE SURVEY ON APPROACHES TO INTRUSION DETECTION SYSTEM
    Deepa, A. J.
    Kavitha, V.
    [J]. INTERNATIONAL CONFERENCE ON MODELLING OPTIMIZATION AND COMPUTING, 2012, 38 : 2063 - 2069
  • [5] Difference between Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
    Ashoor, Asmaa Shaker
    Gore, Sharad
    [J]. ADVANCES IN NETWORK SECURITY AND APPLICATIONS, 2011, 196 : 497 - +
  • [6] Immune system approaches to intrusion detection - A review
    Aickelin, U
    Greensmith, J
    Twycross, J
    [J]. ARTIFICIAL IMMUNE SYSTEMS, PROCEEDINGS, 2004, 3239 : 316 - 329
  • [7] Real Time Intrusion Detection and Prevention System
    Kenkre, Poonam Sinai
    Pai, Anusha
    Colaco, Louella
    [J]. PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON FRONTIERS OF INTELLIGENT COMPUTING: THEORY AND APPLICATIONS (FICTA) 2014, VOL 1, 2015, 327 : 405 - 411
  • [8] Intrusion Detection and Prevention System: Challenges & Opportunities
    Bashir, Uzair
    Chachoo, Manzoor
    [J]. 2014 INTERNATIONAL CONFERENCE ON COMPUTING FOR SUSTAINABLE GLOBAL DEVELOPMENT (INDIACOM), 2014, : 806 - 809
  • [9] Intrusion detection and prevention system for an IoT environment
    Kumar, Ajay
    Abhishek, K.
    Ghalib, M. R.
    Shankar, A.
    Cheng, X.
    [J]. DIGITAL COMMUNICATIONS AND NETWORKS, 2022, 8 (04) : 540 - 551
  • [10] IMMIX-Intrusion Detection and Prevention System
    Vasudeo, Sarode Harshal
    Patil, Pravin
    Kumar, R. Vinoth
    [J]. 2015 INTERNATIONAL CONFERENCE ON SMART TECHNOLOGIES AND MANAGEMENT FOR COMPUTING, COMMUNICATION, CONTROLS, ENERGY AND MATERIALS (ICSTM), 2015, : 96 - 101