Logo des Repositoriums
 

On the Perception of Risk Assessment in Intrusion Detection Systems

dc.contributor.authorGolling, Mario
dc.contributor.authorKoch, Robert
dc.contributor.authorDreo Rodosek, Gabi
dc.contributor.editorMüller, Paul
dc.contributor.editorNeumair, Bernhard
dc.contributor.editorRaiser, Helmut
dc.contributor.editorDreo Rodosek, Gabi
dc.date.accessioned2017-06-20T11:04:53Z
dc.date.available2017-06-20T11:04:53Z
dc.date.issued2017
dc.description.abstractEspecially in the area of Intrusion Detection, the concept as well as the understanding of the term "risk" is of fundamental irnportance. Generally, risk assessment represents an important means of evaluating certain situations, plans, events or systems in a systematic and comprehensive procedure. As in other areas, within the field of IT security, the systematic assessment process (risk analysis) also aims at recomrnending how to allocate available resources. Referring to this, both, the categorization oftraffic (whether traffic has to be classified as an attack or not - "benign vs. malicious") as we11 as a corresponding estimation of the expected damage (severity) are of central importance. Therefore, within this publication, the authors address the following questions in detail: (1) To what extent are the detection results of different IDSs comparable - with regard to the assessment of the risk / extent of damage - or are there strong deviations? (2) How do both vendor-dependent and vendor-independent alerts address the topic of risk assessment and enable the implementation of a comprehensive risk concept? To this end, at the heart of this paper, an overview as weil as an evaluation of important representatives of open source IDSs is presented, focusing on methods for risk assessment resp. risk rating including cross-vendor risk rating and the Common Vulnerability Scoring System (CVSS). Furthermore, the paper also contains a brief demise of the most important representatives of comrnercial IDSs.
dc.identifier.isbn978-3-88579-665-7
dc.identifier.pissn1617-5468
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartof10. DFN-Forum Kommunikationstechnologien
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-271
dc.subjectNetwork Security
dc.subjectIntrusion Detection
dc.subjectRisk Rating
dc.subjectRisk Assessment
dc.subjectRisk Severity
dc.titleOn the Perception of Risk Assessment in Intrusion Detection Systems
dc.typeText/Conference Paper
gi.citation.endPage30
gi.citation.publisherPlaceBonn
gi.citation.startPage21
gi.conference.date30.-31. Mai 2017
gi.conference.locationBerlin
gi.conference.sessiontitleSicherheit

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
paper02.pdf
Größe:
583.95 KB
Format:
Adobe Portable Document Format