Defence-in-depth is a term often used in security literature to denote architectures in which multiple security protection systems are deployed to defend the valuable assets of an organization (e.g. the data and the services). In this paper we present an approach for analysing defence-in-depth, and illustrate the use of the approach with an empirical study in which we have assessed the detection capabilities of intrusion detection systems when deployed in diverse, two-version, parallel defence-in-depth configurations. The configurations have been assessed in settings that favour detection of attacks (reducing false negatives), as well as settings that favour legitimate traffic (reducing false positives)
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
The implementation of diversity in testbeds is essential to understanding and improving the security...
Defense in depth is vital as no single security product detects all of today’s attacks. To design de...
Most modern computer systems are connected to the Internet. This brings many opportunities for reven...
This report presents the analysis of the detection capabilities of intrusion detection systems when ...
We present an analysis of the diversity that exists in the rules and blacklisted IP addresses of the...
Diverse layers of defence play an important role in the design of defence-in-depth architectures. Th...
The security gains of intrusion-tolerant systems are directly dependent on the assumption that syste...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
Due to the constantly evolving nature of cyber threats and attacks, organisations see an ever-growin...
In this paper we describe the design of a new set of empirical studies we will run to test the gains...
Diversity is an important and valuable concept that has been adopted in many fields to reduce correl...
Network-based Intrusion Detection Systems (NIDSs) are an important mechanism to identify malicious b...
This work discusses the role of diversity as a mean towards secure monitoring and control. The intui...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
The implementation of diversity in testbeds is essential to understanding and improving the security...
Defense in depth is vital as no single security product detects all of today’s attacks. To design de...
Most modern computer systems are connected to the Internet. This brings many opportunities for reven...
This report presents the analysis of the detection capabilities of intrusion detection systems when ...
We present an analysis of the diversity that exists in the rules and blacklisted IP addresses of the...
Diverse layers of defence play an important role in the design of defence-in-depth architectures. Th...
The security gains of intrusion-tolerant systems are directly dependent on the assumption that syste...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
Due to the constantly evolving nature of cyber threats and attacks, organisations see an ever-growin...
In this paper we describe the design of a new set of empirical studies we will run to test the gains...
Diversity is an important and valuable concept that has been adopted in many fields to reduce correl...
Network-based Intrusion Detection Systems (NIDSs) are an important mechanism to identify malicious b...
This work discusses the role of diversity as a mean towards secure monitoring and control. The intui...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct b...
The implementation of diversity in testbeds is essential to understanding and improving the security...
Defense in depth is vital as no single security product detects all of today’s attacks. To design de...