Publication details

Home Publications Publication details

Assessing the challenges of Intrusion Detection Systems
Ibrahim T, Furnell SM, Papadaki M, Clarke NL
Proceedings of the 7th Security Conference, Las Vegas, USA, 2nd-3rd June, 2008
Download links:  Download PDF

Intrusion Detection Systems (IDS) are a commonly recognised element of the Internet security arsenal, regularly considered alongside firewalls and anti-virus as options for protecting networked systems. However, despite the widespread availability, the actual deployment and use of IDS is considerably less than these other technologies, suggesting that practical factors are potentially constraining their adoption. This paper seeks to further investigate this issue, drawing upon prior literature to identify the range of challenges that may be posed by IDS, and then mounting a survey to determine their relative significance. A web-based questionnaire was used to solicit information and opinion from IDS users and other IDS-aware respondents. A total of 41 responses were obtained, which (although limited) was sufficient to reveal a notable finding in the overall response. Specifically, while the received wisdom suggests that the most pressing challenge of IDS is the volume of false positives, the survey results indicated that a number of human-related aspects (relating to understanding, skills and ability to correlate information) were actually more prominent problems.

Ibrahim T, Furnell SM, Papadaki M, Clarke NL