Intrusion Detection: Characterising intrusion detection sensors, part 2

Authors:
Siraj A. Shaikh;Howard Chivers;Philip Nobles;John A. Clark;Hao Chen
Affiliations:
Department of Informatics and Sensors, Cranfield University, UK;Department of Informatics and Sensors, Cranfield University, UK;Department of Informatics and Sensors, Cranfield University, UK;Department of Computer Science, University of York, UK;Department of Computer Science, University of York, UK
Venue:
Network Security
Year:
2008

Citing 3
Cited 1

Throttling Viruses: Restricting propagation to defeat malicious mobile code

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Snort 2.1 Intrusion Detection, Second Edition

Snort 2.1 Intrusion Detection, Second Edition
Defining and Evaluating Greynets (Sparse Darknets)

LCN '05 Proceedings of the The IEEE Conference on Local Computer Networks 30th Anniversary

A Deployment Value Model for Intrusion Detection Sensors

ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance

Quantified Score

Hi-index	0.00

Visualization

Abstract

Last month, part one of this article emphasised the need for examining various features of intrusion detection sensors. It provided a broad definition of a sensor, as a device that is callable of signalling a suspicious event, and characterised sensors in terms of location and response, which are key factors in determining the effectiveness of sensor deployments. Part two characterises the various costs involved in deploying and monitoring, using such sensors, and shows how a diverse range of sensors are distinguished using such criteria.