摘要: Research in automated computer security intrusion detection, detection for short, is maturing. Several difficulties remain to be solved before systems become commonplace as part of real-world solutions. One such difficulty regards the subject effectiveness, how successful system at actually detecting intrusions with a high degree certainty. With this its starting point, paper discusses “base-rate fallacy” and it influences relative success an system, under set reasonable circumstances. The conclusion reached that false-alarm rate quickly becomes limiting factor.
参考文章(7)
D. Wyschogrod, D. J. Fried, K. R. Kendall, R. K. Cunningham, Richard Lippmann, Isaac Graf, S. E. Webster, S. L. Garfinkel, D. J. McClung, Richard P. Lippmann, D. J. Weber, A. S. Gorton, M. A. Zissman, The 1998 DARPA/AFRL Off-line Intrusion Detection Evaluation ,(1998)
Terran Lane, Carla E. Brodley, Temporal sequence learning and data reduction for anomaly detection computer and communications security. pp. 150- 158 ,(1998) , 10.1145/288090.288122
Robert A. J. Matthews, Base-rate errors and rain forecasts Nature. ,vol. 382, pp. 766- 766 ,(1996) , 10.1038/382766A0
Robert A. J. Matthews, Decision-theoretic limits on earthquake prediction Geophysical Journal International. ,vol. 131, pp. 526- 529 ,(1997) , 10.1111/J.1365-246X.1997.TB06596.X
Stuart J. Russell, Peter Norvig, Artificial Intelligence: A Modern Approach ,(2020)
Ulf Gustafson, Ulf Lindqvist, Erland Jonsson, Stefan Axelsson, An Approach to UNIX Security Logging 1 ,(1998)
D.E. Denning, An Intrusion-Detection Model IEEE Transactions on Software Engineering. ,vol. 13, pp. 222- 232 ,(1987) , 10.1109/TSE.1987.232894