Analyzing Root Causes of Intrusion Detection False-Negatives: Methodology and Case Study

Cited by: 1
Authors
Ficke, Eric [1 ]
Schweitzer, Kristin M. [2 ]
Bateman, Raymond M. [2 ]
Xu, Shouhuai [1 ]
Affiliations
[1] Univ Texas San Antonio, Dept Comp Sci, San Antonio, TX 78249 USA
[2] US Army Res Lab South Cyber, Aberdeen Proving Ground, MD USA
Source
MILCOM 2019 - 2019 IEEE MILITARY COMMUNICATIONS CONFERENCE (MILCOM) | 2019
Funding
National Science Foundation (USA);
Keywords
Intrusion Detection; Intrusion Detection Systems; Root Cause Analysis; False Negatives; Snort; Suricata; Flow-based Intrusion Detection;
DOI
10.1109/milcom47813.2019.9020860
Chinese Library Classification
TP301 [Theory, Methods];
Discipline Code
081202;
Abstract
Intrusion Detection Systems (IDSs) are a necessary cyber defense mechanism. Unfortunately, their capability has fallen behind that of attackers. This motivates us to improve our understanding of the root causes of their false-negatives. In this paper we make a first step towards the ultimate goal of drawing useful insights and principles that can guide the design of next-generation IDSs. Specifically, we propose a methodology for analyzing the root causes of IDS false-negatives and conduct a case study based on Snort and a real-world dataset of cyber attacks. The case study allows us to draw useful insights.
Pages: 6