1 May 2017 Modeling approaches for intrusion detection and prevention system return on investment
Author Affiliations +
Making decisions about intrusion detection and/or prevention system (IDPS) enhancements are often limited to tool effectiveness (i.e., predictive performance). However, in many cases, the tools in an IDPS are operating in information environments, where the malicious behavior is difficult to discern, and computational resources are limited. We develop three novel IDPS performance models motivated by the return on investment (ROI) metric, where each model is designed to compare each tool’s relative contributions to the system-level performance over multiple scenarios and configurations. Each of our approaches combine statistical accuracy metrics and computational resource costs into one model to facilitate decision making on IDPS configurations.
Conference Presentation
© (2017) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Nandi O. Leslie, Nandi O. Leslie, Lisa M. Marvel, Lisa M. Marvel, Joshua Edwards, Joshua Edwards, Kyra Comroe, Kyra Comroe, Gregory Shearer, Gregory Shearer, Lawrence Knachel, Lawrence Knachel, } "Modeling approaches for intrusion detection and prevention system return on investment", Proc. SPIE 10185, Cyber Sensing 2017, 1018502 (1 May 2017); doi: 10.1117/12.2258026; https://doi.org/10.1117/12.2258026

Back to Top