'questions of IDS performance'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-ids
Subject:    questions of IDS performance
From:       guo_yinghua () yahoo ! com ! cn
Date:       2006-05-23 2:26:41
Message-ID: 20060523022641.29610.qmail () securityfocus ! com
[Download RAW message or body]

I am interested in IDS, especially in the ad hoc network environment. In general, \
various application environments have various security requirements of their \
underlying communication networks. For example, communication networks are required \
to be protected with higher security level when they are deployed in hostile and \
tough environment (i.e. military applications). On the other hand, the requirement of \
communication security in civilian applications that usually are located in \
non-hostile is comparatively loose. Accordingly, IDS, if it is deployed to protect \
various networks, should be able to provide adjustable security levels in terms of \
various levels of detection rate, false alarm rate, detection time, and etc.  My \
question is: what are the desired levels for acceptable performance in terms of \
detection rate, false alarm rate, detection time of an IDS when it is deployed in \
various network applications.  ·For instance, when an IDS is deployed to protect a \
network in a civilian application (e.g. university LAN), what are the desired levels \
for acceptable performance in terms of detection rate, false alarm rate, detection \
time? Is 60 seconds of detection time acceptable? Is 80% of detection rate good?  \
·How about these levels for acceptable performance when IDS is deployed in high \
security requirement application (e.g. battlefield communication)?  ·How about these \
levels for acceptable performance when IDS is deployed in mobile ad hoc networks? If \
specific answers for these questions are not available, could you provide some rough \
guides to the solutions of these questions? 

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic