Accession Number : ADA406577


Title :   A Metrics-Based Approach to Intrusion Detection System Evaluation for Distributed Real-Time Systems


Descriptive Note : Research paper


Corporate Author : NAVAL SURFACE WARFARE CENTER DAHLGREN DIV VA


Personal Author(s) : Fink, G A ; Chappell, B L ; Turner, T G ; O'Donoghue, K F


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a406577.pdf


Report Date : Apr 2002


Pagination or Media Count : 9


Abstract : This paper describes a set of metrics that will help administrators of distributed, real-time (clustered) computer facilities to select the best intrusion detection system for their facilities. The metrics herein are the subset of our general metric set that particularly impact real-time and distributed processing issues. We discuss related works in this field, the role of intrusion detection in information assurance, some basic classes of intrusion detection systems, a general architecture of network intrusion detection systems, and the scorecard metrics and their application to real-time and distributed processing systems. Finally we discuss the lessons we learned using a preliminary version of the metric scorecard to test three commercial intrusion detection systems and the opportunities for further work in this area.


Descriptors :   *INTRUSION DETECTION(COMPUTERS) , *SOFTWARE METRICS , REAL TIME , COMPUTER NETWORKS


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE