Analyzing Root Causes of Intrusion Detection False-Negatives: Methodology and Case Study
Intrusion Detection Systems (IDSs) are a necessary cyber defense mechanism.
Unfortunately, their capability has fallen behind that of attackers. This
motivates us to improve our understanding of the root causes of their
false-negatives. In this paper we make a first step towards the ultimate goal
of drawing useful insights and principles that can guide the design of
next-generation IDSs. Specifically, we propose a methodology for analyzing the
root causes of IDS false-negatives and conduct a case study based on Snort and
a real-world dataset of cyber attacks. The case study allows us to draw useful
insights.

Comment: 6 pages