Analysis and Evaluation of IDS Alerts on a Corporate Network
Rousseau C, Clarke NL, Ghita BV
Advances in Communications, Computing, Networks and Security 5, ISBN: 978-1-84102-257-4, pp68-77, 2008
Can be ordered on-line.

Organizations increasingly rely on their networks (Lundin Barse, 2004). This reliance makes them vulnerable, and current security measures are no longer powerful enough. Intrusion detection systems (IDS) emerged to provide more security than traditional firewalls. Unfortunately, they do not deliver the expected level of security: because they generate a lot of false positives, administrators of such systems tend to turn them off. This paper therefore attempts to analyze the cost-effectiveness of IDS for organizations, which today do not all have the same means to face threats and vulnerabilities. While some companies are willing to invest a lot in security, others are not. This research was based on the University of Plymouth network. It showed that an IDS has to be properly configured in order to require less investment from administrators. It also underlined that designers of such systems have to improve their effectiveness. Today, considering the investment that IDS represent, they do not seem cost-effective enough to be used by all organizations.

