Budget Amount
¥3,700,000 (Direct Cost: ¥3,400,000, Indirect Cost: ¥300,000)
Fiscal Year 2007: ¥1,300,000 (Direct Cost: ¥1,000,000, Indirect Cost: ¥300,000)
Fiscal Year 2006: ¥1,100,000 (Direct Cost: ¥1,100,000)
Fiscal Year 2005: ¥1,300,000 (Direct Cost: ¥1,300,000)
Research Abstract
It is important for Intrusion Detection/Prevention Systems to reduce false alerts. If the system raises alerts for ordinary activities, administrators must check whether actual intrusions exist. We found that differences in recognition between the producers and the users of an IDS cause these false alerts. We researched how to represent the threats that users consider should be reported. Users of the system regard an alert as false when the detection result differs from the one they expected. They judge this according to their own vague senses. It is very difficult to express such a vague demand strictly using description languages similar to programming languages. We found that requirements analysis techniques from software engineering are useful for expressing a vague demand. We define a notation for threats using this technique from the software engineering area. We use postconditions to describe threats, so we can't use this notation for IDS/IPS configurations. However, we can evaluate IDS systems by comparing ratios of false alerts.