Evaluation of Intrusion Detection Systems.

Authors

Ulvila Jacob W, Gaffney John E

Affiliations

Decision Science Associates, Inc., Vienna, VA 22818.

Lockheed Martin, Gaithersburg, MD 20879.

Publication information

J Res Natl Inst Stand Technol. 2003 Dec 1;108(6):453-73. doi: 10.6028/jres.108.040. Print 2003 Nov-Dec.

DOI:10.6028/jres.108.040
PMID:27413623
Original article: https://pmc.ncbi.nlm.nih.gov/articles/PMC4844520/
Abstract

This paper presents a comprehensive method for evaluating intrusion detection systems (IDSs). It integrates and extends ROC (receiver operating characteristic) and cost analysis methods to provide an expected cost metric. Results are given for determining the optimal operation of an IDS based on this expected cost metric. Results are given for the operation of a single IDS and for a combination of two IDSs. The method is illustrated for: 1) determining the best operating point for a single and double IDS based on the costs of mistakes and the hostility of the operating environment as represented in the prior probability of intrusion and 2) evaluating single and double IDSs on the basis of expected cost. A method is also described for representing a compound IDS as an equivalent single IDS. Results are presented from the point of view of a system administrator, but they apply equally to designers of IDSs.
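
The operating-point selection the abstract describes can be sketched as follows. This is an added example, not code or formulas from the paper: it assumes the common simplified cost model (expected cost = prior × miss rate × miss cost + (1 − prior) × false-alarm rate × false-alarm cost), a constructed ROC curve, constructed costs, and, for the two-IDS case, detectors that err independently given the true state.

```python
# Constructed ROC points (false-positive rate, true-positive rate) for a hypothetical IDS.
ROC = [(0.0, 0.0), (0.001, 0.50), (0.01, 0.80), (0.05, 0.93), (0.20, 0.99), (1.0, 1.0)]

C_FALSE_ALARM = 1.0   # assumed cost of responding to a benign event
C_MISS = 100.0        # assumed cost of an undetected intrusion


def expected_cost(point, prior, c_fa=C_FALSE_ALARM, c_miss=C_MISS):
    """Expected cost per event at one ROC point for a given prior probability of intrusion."""
    fpr, tpr = point
    return prior * (1.0 - tpr) * c_miss + (1.0 - prior) * fpr * c_fa


def best_operating_point(roc, prior, c_fa=C_FALSE_ALARM, c_miss=C_MISS):
    """Return the ROC point with the lowest expected cost."""
    return min(roc, key=lambda pt: expected_cost(pt, prior, c_fa, c_miss))


def combine(a, b, rule):
    """Equivalent single (fpr, tpr) for two detectors under the independence assumption.

    'and' alarms only when both alarm; 'or' alarms when either alarms.
    """
    (fa, ta), (fb, tb) = a, b
    if rule == "and":
        return (fa * fb, ta * tb)
    if rule == "or":
        return (1 - (1 - fa) * (1 - fb), 1 - (1 - ta) * (1 - tb))
    raise ValueError("rule must be 'and' or 'or'")


if __name__ == "__main__":
    # The optimum moves along the curve as the environment becomes more hostile.
    for prior in (1e-5, 1e-3, 5e-2):
        pt = best_operating_point(ROC, prior)
        print(f"prior={prior:g}: operate at FPR={pt[0]}, TPR={pt[1]}, "
              f"cost={expected_cost(pt, prior):.5f}")
    # Two detectors treated as one equivalent detector.
    for rule in ("and", "or"):
        eq = combine(ROC[2], ROC[3], rule)
        print(f"{rule}: FPR={eq[0]:.4f}, TPR={eq[1]:.4f}, "
              f"cost at prior 1e-3 = {expected_cost(eq, 1e-3):.5f}")
```

With these constructed numbers, a very low prior makes the corner point (0, 0), which never alarms, the cheapest choice, and the AND combination costs less than the best single operating point at a prior of 0.001.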
