Author(s)

Agbotiname L. Imoize^1,2, Taiwo Oyedare¹, Michael E. Otuokere², Sachin Shetty³

¹Bradley Department of Electrical and Computer Engineering, Virginia Tech, Blacksburg, USA.
²Department of Electrical and Electronics Engineering, University of Lagos, Lagos, Nigeria.
³Modeling, Analysis and Simulation Center, Old Dominion University, Norfolk, USA.

In this paper, we consider a cost-based extension of intrusion detection capability (C_ID). An objective metric motivated by information theory is presented and based on this formulation; a package for computing the intrusion detection capability of intrusion detection system (IDS), given certain input parameters is developed using Java. In order to determine the expected cost at each IDS operating point, the decision tree method of analysis is employed, and plots of expected cost and intrusion detection capability against false positive rate were generated. The point of intersection between the maximum intrusion detection capability and the expected cost is selected as the optimal operating point. Considering an IDS in the context of its intrinsic ability to detect intrusions at the least expected cost, findings revealed that the optimal operating point is the most suitable for the given IDS. The cost-based extension is used to select optimal operating point, calculate expected cost, and compare two actual intrusion detectors. The proposed cost-based extension of intrusion detection capability will be very useful to information technology (IT), telecommunication firms, and financial institutions, for making proper decisions in evaluating the suitability of an IDS for a specific operational environment.

Intrusion Detection System, Intrusion Detection Capability (CID), Information Theory, Software Intrusion Detection Evaluation System (SIDES)

Imoize, A. , Oyedare, T. , Otuokere, M. and Shetty, S. (2018) Software Intrusion Detection Evaluation System: A Cost-Based Evaluation of Intrusion Detection Capability. Communications and Network, 10, 211-229. doi: 10.4236/cn.2018.104017.