Diversity with Intrusion Detection Systems: An Empirical Study
Algaith, A., Elia, I. A., Gashi, I. & Vieira, M. R. (2017). Diversity with Intrusion Detection Systems: An Empirical Study. In: 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). The 16th IEEE International Symposium on Network Computing and Applications, 30 Oct - 01 Nov 2017, Boston, USA. doi: 10.1109/NCA.2017.8171327
Abstract
Defence-in-depth is a term often used in security literature to denote architectures in which multiple security protection systems are deployed to defend the valuable assets of an organization (e.g. the data and the services). In this paper we present an approach for analysing defence-in-depth, and illustrate the use of the approach with an empirical study in which we have assessed the detection capabilities of intrusion detection systems when deployed in diverse, two-version, parallel defence-in-depth configurations. The configurations have been assessed in settings that favour detection of attacks (reducing false negatives), as well as settings that favour legitimate traffic (reducing false positives).
| Publication Type: | Conference or Workshop Item (Paper) |
|---|---|
| Additional Information: | © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
| Publisher Keywords: | diversity analysis; security analysis; quantitative assessment; intrusion detection systems |
| Departments: | School of Science & Technology > Computer Science |
Download (728kB) | Preview
Export
Downloads
Downloads per month over past year
Metadata
MetadataActions (login required)
Admin Login