Models and Security Requirements for IDS. Overview. The system and attack model Security requirements for IDS Sensitivity Detection Analysis methodology IDS satisfying the framework Combinatorial tools in intrusion detection. The system and attack model. The model of the system:
p =(sid, time, poe, pl )
sid – the identity of the sender (U)
time – a timestamp of the action
poe – point of entry (BG)
pl – the payload – what is actually sent.
rw - representation window
m [init ] - the length of the stream of packets used in the initialization phase.
m [det] - the length of the stream of packets used in the detection phase, to be classified by algorithm C
dw - maximum distance between the first and the last packet of an attack sequence within the stream m [det].
rw=O (n )
d =O (1)
m [init ]=na
a,b>1, potentially large constants.