SETTING OPTIMAL INTRUSION-DETECTION THRESHOLDS

In this paper a model is developed to study an intrusion detection pro cess. From the model, a measure called the Secure Computation Index is proposed. This index is used to quantify the total aspect of an intru sion-safe (or intrusion-resistant) system. Comparative studies based o n the index can assist in making decisions on optimal strategic contro ls against any possible system intrusion. In this paper, we show how t he model can be used to help in setting optimal intrusion-detection th resholds, which will provide the best intrusion coverage with the mini mum false positive rate.