With the phenomenal increase of unwarranted Internet traffic into corporate networks, the development and effective use of currently available intrusion detection (ID) systems has acquired great importance. Compounding this are the constantly evolving techniques used by professional hackers to defeat any and every countermeasure designed to stem or at least contain their acts.

In this paper, we present the results of tests conducted to assess the effectiveness of an intrusion detection system in a switched and distributed network environment. The results reveal that the performance of ID systems is a function of various factors including network topology, deployment techniques, network throughput, bandwidth and network traffic conditions.

Within the limits of our studies, the findings can be summarized as:

1. The detection capability of the ID system diminishes with increasing bandwidth utilization, with the obvious implication that better performance could be achieved with the use of multiple sensors.
2. Deployment at network or domain entry points, i.e. outside decoy, provides better performance results by up to 11%.
3. Deployment with packet loss limiting devices produces a better result than deployment with the port mirroring technique by up to 27%.