Using CVSS scores can make more informed and more adapted Intrusion Detection Systems - Pôle Cyber & Réseaux
Journal article, Journal of Universal Computer Science, Year: 2024

Using CVSS scores can make more informed and more adapted Intrusion Detection Systems

Abstract

Intrusion Detection Systems (IDSs) are essential cybersecurity components. Earlier cyberattack detection methods relied more on signatures and rules, but the last decade has seen a paradigm shift, with Machine Learning (ML) enabling more efficient and flexible statistical methods. However, ML often suffers from a lack of cybersecurity information, or from improper use of it, whether for proper evaluation or for improving performance. This paper shows that using a de facto standard in cybersecurity, the Common Vulnerability Scoring System (CVSS), can improve IDSs at different levels, from helping to train an IDS to evaluating its performance more properly, even taking into account systems with different protection requirements. This paper introduces Cyber Informedness, a new metric that uses cybersecurity information to give a more informed representation of performance, influenced by the severity of the attacks encountered. Consequently, this metric can also differentiate the performance of IDSs when the security requirements (Confidentiality, Integrity and Availability) are defined using CVSS's environmental parameters. Finally, sub-parts of this metric can be integrated into the training loss of Neural Network (NN)-based IDSs to build IDSs that better detect more severe attacks.

Main file: JUCS-RobinDURAZ.pdf (304.85 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-04792945, version 1 (20-11-2024)

Cite

Robin Duraz, David Espes, Julien Francq, Sandrine Vaton. Using CVSS scores can make more informed and more adapted Intrusion Detection Systems. Journal of Universal Computer Science, 2024, 30 (9), pp.1244-1264. ⟨10.3897/jucs.131659⟩. ⟨hal-04792945⟩