Intrusion Detection
System Requirements
A Capabilities Description in Terms of the Network
Monitoring and Assessment Module of CSAP21
December 2000
Leonard J. LaPadula, The MITRE Corporation
Therese R. Metcalf, The MITRE Corporation
ABSTRACT
This paper presents the intrusion detection and vulnerability scanning
capabilities that the authors consider necessary for the U.S. Air Force
network. These capabilities are described as
requirements for the Network Monitoring and Assessment (NMA) module
of the Computer Security Assistance Program for the Twenty-First Century
(CSAP21) architecture. The advantage of this approach is that it provides
a global and comprehensive context in which to describe intrusion detection
system (IDS) requirements. We have adapted and organized requirements
derived from a number of sources, including intrusion monitoring practit
ioners.
» Download Paper [PDF, 106KB]
Additional Search Keywords
Intrusion detection, vulnerability scanning, requirements, architecture,
IDS, intrusion detection system, network monitoring and assessment,
NMA, CSAP21.
|
