Logo des Repositoriums
 
Konferenzbeitrag

On the Perception of Risk Assessment in Intrusion Detection Systems

Vorschaubild

Volltext URI

Dokumententyp

Text/Conference Paper

Zusatzinformation

Datum

2017

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

Gesellschaft für Informatik e.V.

Zusammenfassung

Especially in the area of Intrusion Detection, the concept as well as the understanding of the term "risk" is of fundamental irnportance. Generally, risk assessment represents an important means of evaluating certain situations, plans, events or systems in a systematic and comprehensive procedure. As in other areas, within the field of IT security, the systematic assessment process (risk analysis) also aims at recomrnending how to allocate available resources. Referring to this, both, the categorization oftraffic (whether traffic has to be classified as an attack or not - "benign vs. malicious") as we11 as a corresponding estimation of the expected damage (severity) are of central importance. Therefore, within this publication, the authors address the following questions in detail: (1) To what extent are the detection results of different IDSs comparable - with regard to the assessment of the risk / extent of damage - or are there strong deviations? (2) How do both vendor-dependent and vendor-independent alerts address the topic of risk assessment and enable the implementation of a comprehensive risk concept? To this end, at the heart of this paper, an overview as weil as an evaluation of important representatives of open source IDSs is presented, focusing on methods for risk assessment resp. risk rating including cross-vendor risk rating and the Common Vulnerability Scoring System (CVSS). Furthermore, the paper also contains a brief demise of the most important representatives of comrnercial IDSs.

Beschreibung

Golling, Mario; Koch, Robert; Dreo Rodosek, Gabi (2017): On the Perception of Risk Assessment in Intrusion Detection Systems. 10. DFN-Forum Kommunikationstechnologien. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-665-7. pp. 21-30. Sicherheit. Berlin. 30.-31. Mai 2017

Zitierform

DOI

Tags