The base-rate fallacy and the difficulty of intrusion detection

  title={The base-rate fallacy and the difficulty of intrusion detection},
  author={S. Axelsson},
  journal={ACM Trans. Inf. Syst. Secur.},
  • S. Axelsson
  • Published 2000
  • Computer Science
  • ACM Trans. Inf. Syst. Secur.
  • Many different demands can be made of intrusion detection systems. [...] Key Result A selection of reports of intrusion detection performance are reviewed, and the conclusion is reached that there are indications that at least some types of intrusion detection have far to go before they can attain such low false alarm rates.Expand Abstract
    577 Citations

    Figures and Topics from this paper.

    Explore Further: Topics Discussed in This Paper

    Paper Mentions

    Methods for increasing creditability of anomaly detection system
    • Yan Giao
    • Computer Science
    • Wuhan University Journal of Natural Sciences
    • 2008
    • 1
    Reducing False Alarm Rate in Anomaly Detection with Layered Filtering
    • 7
    • Highly Influenced
    • PDF
    Intrusion-Detection Policies for IT Security Breaches
    • 17
    • PDF
    A Risk-Sensitive Intrusion Detection Model
    • 3
    Improvement in minority attack detection with skewness in network traffic
    • 17
    Evaluation of intrusion detectors: a decision theory approach
    • J. Gaffney, J. Ulvila
    • Computer Science
    • Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001
    • 2001
    • 137
    Anomaly-based correlation of IDS alarms
    • 4
    A test of intrusion alert filtering based on network information
    • 4
    • PDF


    Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse
    • 150
    • Highly Influential
    A data mining framework for building intrusion detection models
    • W. Lee, S. Stolfo, K. Mok
    • Computer Science
    • Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)
    • 1999
    • 1,291
    • Highly Influential
    • PDF
    Computer security threat monitoring and surveillance
    • 79F26400 26 Feb revised April 15.
    • 1980
    Temporal sequen e learning and data redu tion foranomaly dete tion
    • ACM Transa tions of Information and System Se urity
    • 1999