Quantifying the Attack Detection Accuracy of Intrusion Detection Systems in Virtualized Environments
A. Milenkoski, K. Jayaram, N. Antunes, M. Vieira, and S. Kounev. Proceedings of The 27th IEEE International Symposium on Software Reliability Engineering (ISSRE 2016), Washington DC, USA, IEEE, IEEE Computer Society, (October 2016). Acceptance rate (Full Paper): 45/130 = 34%.
Abstract
With the widespread adoption of virtualization, intrusion detection systems (IDSes) are increasingly being deployed in virtualized environments. When securing an environment, IT security officers are often faced with the question of how accurate deployed IDSes are at detecting attacks. To this end, metrics for assessing the attack detection accuracy of IDSes have been developed. However, these metrics are defined with respect to a fixed set of hardware resources available to the tested IDS. Therefore, IDSes deployed in virtualized environments featuring elasticity (i.e., on-demand allocation or deallocation of virtualized hardware resources during system operation) cannot be evaluated in an accurate manner using existing metrics. In this paper, we demonstrate the impact of elasticity on IDS attack detection accuracy. In addition, we propose a novel metric and measurement methodology for accurately quantifying the accuracy of IDSes deployed in virtualized environments featuring elasticity. We demonstrate their practical use through case studies involving commonly used IDSes.
%0 Conference Paper
%1 MiJaAnViKo2016-ISSRE-Quantifying
%A Milenkoski, Aleksandar
%A Jayaram, K. R.
%A Antunes, Nuno
%A Vieira, Marco
%A Kounev, Samuel
%B Proceedings of The 27th IEEE International Symposium on Software Reliability Engineering (ISSRE 2016)
%C Washington DC, USA
%D 2016
%I IEEE Computer Society
%K Virtualization Security Metrics_and_benchmarking_methodologies Elasticity Cloud t_full myown descartes
%T Quantifying the Attack Detection Accuracy of Intrusion Detection Systems in Virtualized Environments
%U http://ieeexplore.ieee.org/document/7774527/?reload=true
%X With the widespread adoption of virtualization, intrusion detection systems (IDSes) are increasingly being deployed in virtualized environments. When securing an environment, IT security officers are often faced with the question of how accurate deployed IDSes are at detecting attacks. To this end, metrics for assessing the attack detection accuracy of IDSes have been developed. However, these metrics are defined with respect to a fixed set of hardware resources available to the tested IDS. Therefore, IDSes deployed in virtualized environments featuring elasticity (i.e., on-demand allocation or deallocation of virtualized hardware resources during system operation) cannot be evaluated in an accurate manner using existing metrics. In this paper, we demonstrate the impact of elasticity on IDS attack detection accuracy. In addition, we propose a novel metric and measurement methodology for accurately quantifying the accuracy of IDSes deployed in virtualized environments featuring elasticity. We demonstrate their practical use through case studies involving commonly used IDSes.
@inproceedings{MiJaAnViKo2016-ISSRE-Quantifying,
abstract = {With the widespread adoption of virtualization, intrusion detection systems (IDSes) are increasingly being deployed in virtualized environments. When securing an environment, IT security officers are often faced with the question of how accurate deployed IDSes are at detecting attacks. To this end, metrics for assessing the attack detection accuracy of IDSes have been developed. However, these metrics are defined with respect to a fixed set of hardware resources available to the tested IDS. Therefore, IDSes deployed in virtualized environments featuring elasticity (i.e., on-demand allocation or deallocation of virtualized hardware resources during system operation) cannot be evaluated in an accurate manner using existing metrics. In this paper, we demonstrate the impact of elasticity on IDS attack detection accuracy. In addition, we propose a novel metric and measurement methodology for accurately quantifying the accuracy of IDSes deployed in virtualized environments featuring elasticity. We demonstrate their practical use through case studies involving commonly used IDSes.},
added-at = {2020-04-05T23:11:36.000+0200},
address = {{Washington DC, USA}},
author = {Milenkoski, Aleksandar and Jayaram, K. R. and Antunes, Nuno and Vieira, Marco and Kounev, Samuel},
biburl = {https://www.bibsonomy.org/bibtex/226f1f3a2fb5b8e175c18d316264531cf/samuel.kounev},
booktitle = {{Proceedings of The 27th IEEE International Symposium on Software Reliability Engineering (ISSRE 2016)}},
interhash = {1835e9d072ee5d490f633dbd873fd70e},
intrahash = {26f1f3a2fb5b8e175c18d316264531cf},
keywords = {Virtualization Security Metrics_and_benchmarking_methodologies Elasticity Cloud t_full myown descartes},
month = {October},
note = {{Acceptance rate (Full Paper): 45/130 = 34\%}},
organization = {IEEE},
publisher = {IEEE Computer Society},
timestamp = {2020-10-05T16:30:31.000+0200},
title = {{Quantifying the Attack Detection Accuracy of Intrusion Detection Systems in Virtualized Environments}},
url = {http://ieeexplore.ieee.org/document/7774527/?reload=true},
year = 2016
}