Reasoning About Intrusion Detection Systems for High Speed Networks
Detecting intrusions in networks and applications has become one of the most critical tasks to prevent their misuse by attackers. The cost involved in protecting these valuable resources is often negligible when compared with the actual cost of a successful intrusion, which strengthens the need to develop more powerful intrusion detection systems. Moreover, the complexity of the information, the computer systems, and the attacks are being more sophisticated, unpredictable, frequent and from a wider range of sources and are exceeding current IDS ability. The problem becomes more serious with the emergence of high-speed networks, which has raised new serious management challenges mainly related to real time constraints, scalability, and efficiency.