Lookup NU author(s): Dominique Alessandri
Full text is not currently available for this publication.
Designers of intrusion detection systems are often faced with the problem that their design fails to meet the specification because the actual implementation is not able to detect attacks as required. This work aims at addressing such shortcomings at an early stage of the design process. The proposed method provides guidance to intrusion detection systems designers by predicting whether or not a given design will be able to detect certain classes of attacks. Our method achieves this by introducing a classification of attacks and a description framework for intrusion detection systems. The attack classification and the description framework are defined at a common level of abstraction, and thereby form the basis for our analysis method, which determines the attack classes that a given intrusion detection system design can detect. Intrusion detection system designers can use these results to determine where the design meets the specification and where it does not. These insights facilitate a more systematic and effective design process because they can be gained at an early stage of the design process without the need of actually implementing the design. Finally, we show how our approach to intrusion detection system design analysis can be validated and how the analysis results can be used for further applications such as guiding the design of intrusion detection architectures that combine diverse intrusion detection systems.
Author(s): Alessandri D
Publication type: Report
Institution: School of Computing Science, University of Newcastle upon Tyne
Place Published: Newcastle upon Tyne
Notes: British Lending Library DSC stock location number: DX228960