Software Intrusion Detection Evaluation System: A Cost-Based Evaluation of Intrusion Detection Capability

Imoize, Agbotiname L. and Oyedare, Taiwo and Otuokere, Michael E. and Shetty, Sachin (2018) Software Intrusion Detection Evaluation System: A Cost-Based Evaluation of Intrusion Detection Capability. Communications and Network, 10 (04). pp. 211-229. ISSN 1949-2421

[thumbnail of CN_2018112214523403.pdf] Text
CN_2018112214523403.pdf - Published Version

Download (1MB)

Abstract

In this paper, we consider a cost-based extension of intrusion detection capability (CID). An objective metric motivated by information theory is presented and based on this formulation; a package for computing the intrusion detection capability of intrusion detection system (IDS), given certain input parameters is developed using Java. In order to determine the expected cost at each IDS operating point, the decision tree method of analysis is employed, and plots of expected cost and intrusion detection capability against false positive rate were generated. The point of intersection between the maximum intrusion detection capability and the expected cost is selected as the optimal operating point. Considering an IDS in the context of its intrinsic ability to detect intrusions at the least expected cost, findings revealed that the optimal operating point is the most suitable for the given IDS. The cost-based extension is used to select optimal operating point, calculate expected cost, and compare two actual intrusion detectors. The proposed cost-based extension of intrusion detection capability will be very useful to information technology (IT), telecommunication firms, and financial institutions, for making proper decisions in evaluating the suitability of an IDS for a specific operational environment.

Item Type: Article
Subjects: Scholar Eprints > Computer Science
Depositing User: Managing Editor
Date Deposited: 17 Feb 2023 06:55
Last Modified: 14 Sep 2024 04:48
URI: http://repository.stmscientificarchives.com/id/eprint/513

Actions (login required)

View Item
View Item