Intrusion detection systems (IDSs) must maximize the realization of security goals while minimizing costs. In this paper, we study the problem of building cost-sensitive intrusion detection models. We examine the major cost factors associated with an IDS, which include development cost, operational cost, damage cost due to successful intrusions, and the cost of manual and automated response to intrusions. These cost factors can be qualified according to a defined attack taxonomy and site-specific security policies and priorities. We define cost models to formulate the total expected cost of an IDS, and present cost-sensitive machine learning techniques that can produce detection models that are optimized for user-defined cost metrics. Empirical experiments show that our cost-sensitive modeling and deployment techniques are effective in reducing the overall cost of intrusion detection.