论文信息 - PRIORITIES IN THE DEPLOYMENT OF NETWORK INTRUSION DETECTION SYSTEMS

PRIORITIES IN THE DEPLOYMENT OF NETWORK INTRUSION DETECTION SYSTEMS

The purpose of this work is to study the priorities in the deployment of network intrusion detection systems (NIDS) in small corporate networks. The goal is to minimize costs while optimizing performance. Despite apparent benefits of automated intrusion detection systems (IDS), they are not widely deployed at this time. Our main research problem is defining key cost areas of NIDS deployment and then developing ways to achieve the required functionality with minimal costs. We present a concept of pre-ids stage, where small, isolated tools are used to target network security problems. The ease of deployment and low maintenance costs help of these tools allow to combat a large part of these problems at a fraction of the costs of a full IDS.

Marcin Dobrucki | Teemupekka Virtanen | Teemupekka Virtanen | Marcin Dobrucki

[1] Harold F. Tipton,et al. Handbook of Information Security Management , 1997 .

[2] Ivar Jacobson,et al. The Unified Software Development Process , 1999 .

[3] W. Tolman,et al. Social Engineering , 2014, Encyclopedia of Social Network Analysis and Mining.

[4] H. Javitz,et al. IDES : The Enhanced Prototype A Real-Time Intrusion-Detection Expert System , 1988 .

[5] Elizabeth D. Zwicky,et al. Building internet firewalls , 1995 .

[6] Jeff R. Allen. Driving via the Rear-View Mirror: Managing a Network with Cricket , 1999, NETA.

[7] Isij Monitor,et al. Network Intrusion Detection: An Analyst’s Handbook , 2000 .

[8] Jon Lasser. Implementing Snort in a Production Environment , 2001, login Usenix Mag..

[9] Douglas Comer,et al. Internetworking with TCP/IP , 1988 .

[10] Stephen Northcutt,et al. Network Intrusion Detection: An Analyst's Hand-book , 1999 .

[11] Edward G. Amoroso,et al. Fundamentals of computer security technology , 1994 .

[12] S. E. Smaha. Haystack: an intrusion detection system , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[13] Greg Shipley,et al. Cover story: dragon claws its way to the top , 2001 .

[14] Thomas Henry Ptacek,et al. Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection , 1998 .