Decision analysis of network-based intrusion detection systems for denial-of-service attacks

Author

Li, Ming ; Jia, Weijia ; Zhao, Wei

Author_Institution

Dept. of Comput. Sci., City Univ. of Hong Kong, China

Volume

5

fYear

2001

fDate

2001

Firstpage

1

Abstract

Two of practical issues in designing a network-based intrusion detection system for denial-of-service attacks are; how to represent the distributions of detection probability, false alarm probability and miss probability; how to achieve a high detection probability, a low false alarm probability and a low miss probability for decision making. This paper gives the representations to describe three probability distributions. Based on them, the authors derive a detection region within which one may achieve a high detection probability, a low false alarm probability and a low miss probability by selecting a suitable threshold value. A case study is demonstrated.

Keywords

authorisation; computer network management; security of data; decision analysis; denial-of-service attacks; high detection probability; network-based intrusion detection systems; probability distributions; Computer crime; Computer science; Data security; Decision making; Information security; Intrusion detection; Pattern matching; Probability distribution; Telecommunication traffic; Traffic control;

fLanguage

English

Publisher

ieee

Conference_Titel

Info-tech and Info-net, 2001. Proceedings. ICII 2001 - Beijing. 2001 International Conferences on

Print_ISBN

0-7803-7010-4

Type

conf

DOI

10.1109/ICII.2001.983485

Filename

983485