Please use this identifier to cite or link to this item: http://theses.ncl.ac.uk/jspui/handle/10443/2094
Title: Attack-class-based analysis of intrusion detection systems
Authors: Alessandri, Dominique
Issue Date: 2004
Publisher: Newcastle University
Abstract: Designers of intrusion detection systems are often faced with the problem that their design fails to meet the specification because the actual implementation is not able to detect attacks as required. This work aims at addressing such shortcomings at an early stage of the design process. The proposed method provides guidance to intrusion detection systems designers by predicting whether or not a given design will be able to detect certain classes of attacks. Our method achieves this by introducing a classification of attacks and a description framework for intrusion detection systems. The attack classification and the description framework are defined at a common level of abstraction, and thereby form the basis for our analysis method, which determines the attack classes that a given intrusion detection system design can detect. Intrusion detection system designers can use these results to determine where the design meets the specification and where it does not. These insights facilitate a more systematic and effective design process because they can be gained at an early stage of the design process without the need of actually implementing the design. Finally, we show how our approach to intrusion detection system design analysis can be validated and how the analysis results can be used for further applications such as guiding the design of intrusion detection architectures that combine diverse intrusion detection systems.
Description: PhD Thesis
URI: http://hdl.handle.net/10443/2094
Appears in Collections: School of Computing Science

Files in This Item:
File: Alessandri, D. 2004.pdf; Description: Thesis; Size: 25.38 MB; Format: Adobe PDF
File: dspacelicence.pdf; Description: Licence; Size: 43.82 kB; Format: Adobe PDF


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.