Abstract
The purpose of this work is to study the priorities in the deployment of network intrusion detection systems (NIDS) in small corporate networks. The goal is to minimize costs while optimizing performance. Despite the apparent benefits of automated intrusion detection systems (IDS), they are not widely deployed at this time. Our main research problem is defining the key cost areas of NIDS deployment and then developing ways to achieve the required functionality with minimal costs. We present the concept of a pre-IDS stage, in which small, isolated tools are used to target network security problems. The ease of deployment and low maintenance costs of these tools make it possible to combat a large part of these problems at a fraction of the cost of a full IDS.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35691-4_52
Copyright information
© 2003 IFIP International Federation for Information Processing
About this paper
Cite this paper
Dobrucki, M., Virtanen, T. (2003). Priorities in the Deployment of Network Intrusion Detection Systems. In: Gritzalis, D., De Capitani di Vimercati, S., Samarati, P., Katsikas, S. (eds) Security and Privacy in the Age of Uncertainty. SEC 2003. IFIP — The International Federation for Information Processing, vol 122. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35691-4_36
DOI: https://doi.org/10.1007/978-0-387-35691-4_36
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6489-5
Online ISBN: 978-0-387-35691-4
eBook Packages: Springer Book Archive