Abstract
Two of practical issues in designing a network-based intrusion detection system for denial-of-service attacks are; how to represent the distributions of detection probability, false alarm probability and miss probability; how to achieve a high detection probability, a low false alarm probability and a low miss probability for decision making. This paper gives the representations to describe three probability distributions. Based on them, the authors derive a detection region within which one may achieve a high detection probability, a low false alarm probability and a low miss probability by selecting a suitable threshold value. A case study is demonstrated.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call