
ePrints

[PhD Thesis] Attack-Class-Based Analysis of Intrusion Detection Systems

Lookup NU author(s): Dominique Alessandri

Downloads

Full text is not currently available for this publication.


Abstract

Designers of intrusion detection systems are often faced with the problem that their design fails to meet the specification because the actual implementation is not able to detect attacks as required. This work aims to address such shortcomings at an early stage of the design process. The proposed method provides guidance to intrusion detection system designers by predicting whether or not a given design will be able to detect certain classes of attacks. Our method achieves this by introducing a classification of attacks and a description framework for intrusion detection systems. The attack classification and the description framework are defined at a common level of abstraction, and thereby form the basis for our analysis method, which determines the attack classes that a given intrusion detection system design can detect. Intrusion detection system designers can use these results to determine where the design meets the specification and where it does not. These insights facilitate a more systematic and effective design process because they can be gained at an early stage of the design process without the need to actually implement the design. Finally, we show how our approach to intrusion detection system design analysis can be validated and how the analysis results can be used for further applications such as guiding the design of intrusion detection architectures that combine diverse intrusion detection systems.


Publication metadata

Author(s): Alessandri D

Publication type: Report

Year: 2004

Institution: School of Computing Science, University of Newcastle upon Tyne

Place Published: Newcastle upon Tyne

Notes: British Lending Library DSC stock location number: DX228960

