• DocumentCode
    1958131
  • Title

    One Size Fits None: The Importance of Detector Parameterization

  • Author

    Bodorik, Natasha ; Zincir-Heywood, A. Nur

  • Author_Institution
    Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
  • fYear
    2010
  • fDate
    15-18 Feb. 2010
  • Firstpage
    487
  • Lastpage
    494
  • Abstract
    The parameterization of an administrator's intrusion detection system (IDS) is as crucial as the IDS itself. The difference between sufficient and insufficient parameterization can be the difference between a detected and undetected attack. This work focuses on identifying a methodical process for IDS parameterization. Such a process provides administrators of intrusion detection systems with the knowhow of selecting suitable parameters for the effective operation of their detector. The process stresses the importance of altering parameters for individual applications. Parameterization experiments are employed on two different open source IDSs, namely Stide and pH, and tested against three real world vulnerabilities. The results show the interesting trends that are observed during the experiments.
  • Keywords
    public domain software; security of data; IDS parameterization; Stide IDS; administrator intrusion detection system; detected attack; open source IDS; pH IDS; security vulnerability; undetected attack; Availability; Computer science; Computer security; Databases; Detectors; Intrusion detection; Monitoring; Protection; Stress; Testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability, and Security, 2010. ARES '10 International Conference on
  • Conference_Location
    Krakow
  • Print_ISBN
    978-1-4244-5879-0
  • Type

    conf

  • DOI
    10.1109/ARES.2010.41
  • Filename
    5438049