City Research Online

Diversity with Intrusion Detection Systems: An Empirical Study

Algaith, A., Elia, I. A., Gashi, I. & Vieira, M. R. (2017). Diversity with Intrusion Detection Systems: An Empirical Study. In: 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). . IEEE. ISBN 978-1-5386-1465-5 doi: 10.1109/NCA.2017.8171327


Defence-in-depth is a term often used in security literature to denote architectures in which multiple security protection systems are deployed to defend the valuable assets of an organization (e.g. the data and the services). In this paper we present an approach for analysing defence-in-depth, and illustrate the use of the approach with an empirical study in which we have assessed the detection capabilities of intrusion detection systems when deployed in diverse, two-version, parallel defence-in-depth configurations. The configurations have been assessed in settings that favour detection of attacks (reducing false negatives), as well as settings that favour legitimate traffic (reducing false positives).

Publication Type: Conference or Workshop Item (Paper)
Additional Information: © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Publisher Keywords: diversity analysis; security analysis; quantitative assessment; intrusion detection systems
Departments: School of Science & Technology > Computer Science
Text - Accepted Version
Download (728kB) | Preview



Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login