Base-Rate Fallacy Redux and a Deep Dive Review in Cybersecurity

by Robert F. Erbacher, et al.

This paper examines the current state of the science underlying cybersecurity research with an emphasis on the non-signature-based intrusion detection domain. First, the paper re-examines the base-rate fallacy originally published by Axelsson, putting the impact of false positives into context. Given the relatively high numbers of false positives, the paper argues for deeper analysis of false positives, akin to the analysis that true positives receive. The second section of the paper examines the metrics being used to analyze non-signature intrusion detection techniques, the current status quo of employed metrics, and the impact of the status quo on scientific advancement. Finally, the paper analyzes the use of online attack graphs and their applicability, especially in scenarios of constrained environments, such as Internet of Things devices. The use of offline attack graphs in such constrained environments is also examined. In essence, a deep dive review identified multiple areas throughout the field in which the effectiveness and validity of the scientific method can be greatly improved, e.g., through removal of logical fallacies.


Intrusion Detection using ASTDs

In this paper, we show the application of ASTDs to intrusion detection. ...

Evaluation of Machine Learning Algorithms for Intrusion Detection System

Intrusion detection system (IDS) is one of the implemented solutions aga...

Combining Naive Bayes and Decision Tree for Adaptive Intrusion Detection

In this paper, a new learning algorithm for adaptive network intrusion d...

A Controlled Experiment on the Impact of Intrusion Detection False Alarm Rate on Analyst Performance

Organizations use intrusion detection systems (IDSes) to identify harmfu...

Dissemination Control in Dynamic Data Clustering For Dense IIoT Against False Data Injection Attack

The IoT has made possible the development of increasingly driven service...

Deep Transfer Learning Applications in Intrusion Detection Systems: A Comprehensive Review

Globally, the external Internet is increasingly being connected to the c...

Should I Raise The Red Flag? A comprehensive survey of anomaly scoring methods toward mitigating false alarms

A general Intrusion Detection System (IDS) fundamentally acts based on a...
