Year
1986
Abstract
This paper analyzes the process which is typically followed in implementing an Intrusion Detection System. The analysis shows that this process lacks adequate checks and balances, and for this reason, is a likely contributor to the problems most commonly encountered. Elements of the process most likely to create problems are identified, and suggestions for improving the process are made. No effort is made to describe problems which are specific to a given technology or product, or are related to a particular category of sites or facilities.