|
-
CS Department
Location, phone, fax
-
Search CS Website
-
Join Us!
-
CS People
- Key Contacts
- Undergraduate Students
- Graduate Students
-
Faculty
-
Staff
-
Events/Seminars
-
Awards & Honors
-
In The News
-
Research
-
Undergraduate &
Graduate Programs
-
Computing Facilities
-
Alumni & Industry
-
Useful Resources
-
Invest in CS
Computer Security and Cryptography Seminar:
|
| Date & Location |
Event |
|
|
Department of Computer Sciences, University of Wisconsin, Madison (web)
On Building Cooperating Intrusion Detection Systems
In a recent work, Axelsson mathematically showed that even with a reasonably accurate intrusion detection system, one out of three alerts is likely to be false positive. Axelsson observed that a few IDS mistakes are translated into a large number of false positives because of the volume of benign events dwarfs the volume of intrusions. Axelsson concluded that false positives will always remain a major problem and called this phenomenon, the base-rate fallacy of intrusion detection. In this talk we will discuss two issues. First, we will explain the mathematics behind Axelsson observation. Second, we will challenge Axelssons base-rate fallacy. We argue that the problem of false positives is not inherent part of intrusion detection but it is more a question of resources available for detection. We show how the base-rate fallacy can be used to build both efficient and accurate detectors. |
< Back to the Sec & Crypto seminar schedule
Created: Fri May 12 13:03:27 2006
Last modified: Fri May 12 13:05:12 Central Daylight Time 2006