Document Type

Article

Publication Date

2018

DOI

10.4236/cn.2018.104017

Publication Title

Communications and Network

Volume

10

Issue

4

Pages

211-229

Abstract

In this paper, we consider a cost-based extension of intrusion detection capability (CID). An objective metric motivated by information theory is presented and based on this formulation; a package for computing the intrusion detection capability of intrusion detection system (IDS), given certain input parameters is developed using Java. In order to determine the expected cost at each IDS operating point, the decision tree method of analysis is employed, and plots of expected cost and intrusion detection capability against false positive rate were generated. The point of intersection between the maximum intrusion detection capability and the expected cost is selected as the optimal operating point. Considering an IDS in the context of its intrinsic ability to detect intrusions at the least expected cost, findings revealed that the optimal operating point is the most suitable for the given IDS. The cost-based extension is used to select optimal operating point, calculate expected cost, and compare two actual intrusion detectors. The proposed cost-based extension of intrusion detection capability will be very useful to information technology (IT), telecommunication firms, and financial institutions, for making proper decisions in evaluating the suitability of an IDS for a specific operational environment.

Comments

This work is licensed under the Creative Commons Attribution International License (CC BY 4.0)

Original Publication Citation

Imoize, A. L., Oyedare, T., Otuokere, M. E., & Shetty, S. (2018). Software intrusion detection evaluation system: A cost-based evaluation of intrusion detection capability. Communications & Network, 10(4), 211-229. doi: 10.4236/cn.2018.104017

ORCID

0000-0002-8789-0610 (Shetty)

Share

COinS