Date of Award

4-22-2004

Document Type

Thesis

Degree Name

Bachelor of Arts

Department

Mathematics

First Advisor

Dr. Doug Szajda

Abstract

An intrusion detection system (IDS) is a collection of monitors strategically placed on a network or individual host in order to detect anomalous behavior. Since James Anderson introduced one of the first frameworks for an intrusion detection system in [1], researchers have extended the capabilities of these systems. IDSs take many forms, from systems as basic as command line audit logs to those that emulate the defense mechanisms of the human immune system. However, as intrusion detection has evolved, scientists and administrators alike are beginning to question the need for this technology due to its lack of quantifiable performance and inability to handle increasingly fast networks. A report published by Richard Stiennon, Vice President of Gartner Inc., asserts that intrusion detection systems will be obsolete by the year 2005. The controversy surrounding Stiennon's statements has forced researchers to seriously consider the viability of these systems. Yet, despite valid complaints and concerns with the progress of intrusion detection systems, we feel these systems should continue to undergo research and development, as there are still many unanswered questions regarding their future use. Additionally, the failures that have spurred discontent with intrusion detection systems have often resulted from careless configuration and implementation rather than from their design. This paper demonstrates that there is still potential for further exploration into the development of intrusion detection systems.
