IDS mailing list archives
Re: Costs of a compromise related to the detection time
From: Scott Wimer <scottw () cylant com>
Date: Mon, 03 Feb 2003 09:08:35 -0800
A group at the University of Idaho in Moscow, Idaho has done some work in this direction. Here's a link to their paper on this.
http://www.csds.uidaho.edu/director/costbenefit.pdf Konrad Rieck wrote:
Hi,I am doing a study on Intrusion Detection Systems at the Free Universityof Berlin. In order to underline the motivation for integrating an IDS into an existing system, I would like to add some details about the relation between compromise/attack detection and the resultingcosts.e.g. immediate detection => xxx $ costsdetection after an hour => xxxx $ costsafter a day => xxxxx $ costs after a week => priceless ;)I am not sure if there are any publications describing this relation, but I recall a post on bugtraq that contained something similar. If anyone on this list knows a little bit more, please let me know.With best Regards, Konrad Rieck
-- Scott M. Wimer, CTO Cylant www.cylant.com 121 Sweet Ave. v. (208) 883-4892 Suite 123 c. (208) 850-4454 Moscow, ID 83843 There is no Security without Control.
Current thread:
- Costs of a compromise related to the detection time Konrad Rieck (Feb 05)
- Re: Costs of a compromise related to the detection time Scott Wimer (Feb 05)