Authors: Sodiya A.S., Onashoga S.A., Adepoju B.T.
Journal of Computer Science & its Application. June 2009. Vol.16. No. 1
Abstract
Over the years, Intrusion Detection Systems (IDSs) have become necessary security mechanisms for detecting unauthorized access to computer systems. However, many organizations are yet to implement IDS on their computer and network systems because they do not appreciate its significance and capabilities. Consequently, it is important to determine the extent of damage an intrusion or attack can have on computer systems in order to justify the significance of IDS. This work presents a technique for evaluating the impact of intrusions or attacks on computer and network systems. A comprehensive model for computing Intrusion Impact Index (III) was constructed to determine the impact of intrusions on computer systems. The parameters for III computation include attack type, attack severity class and computer resources under attack. The model also provides procedure for ascertaining the security status of the system in terms of confidentiality, integrity and availability, after the intrusion has taken place. The design was implemented using C because of its ability for designing interactive applications. The evaluation was carried using attacks from the DARPA intrusion detection evaluation. The results show system that can be used to evaluate the impact of various attacks on computer systems. This work will further guide the designers of IDS in designing efficient IDSs and provide relevant information to encourage more organizations to employ the use of IDS.