
Information security: The nature and structure of intrusion detection systems

Posted on: 2007-10-10
Degree: Ph.D
Type: Dissertation
University: Walden University
Candidate: Farmer, Jackie G
Full Text: PDF
GTID: 1448390005468151
Subject: Engineering
Abstract/Summary:
The problem explored in this study is the lack of academic research in a critical Intrusion Detection System (IDS) area; i.e., an automated security schema deployed in an effort to reduce information security breaches of a network. Security breaches can cause a mission-critical IT system to be unavailable to end users, can provide aid and comfort to an enemy force, and can cause a unit mission to fail.

The purpose of this study was to determine how current IDS technology assists in reducing threats to the integrity, confidentiality, and availability of Command Sustainment Support Systems (BCS3). Based on the Bell-LaPadula and Biba theories, a case study of the BCS3 was conducted at three military installations. Security-engineer professionals involved with certifying and accrediting Department of Defense networks were surveyed. The research questions focused on the different IDS approaches being used and the types of computer attacks being detected.

The results of the study showed that all of the installations were using IDS as a common practice. The two primary IDS approaches used were network-based and host-based, with the strengths of one approach complementing the weaknesses of the other. Besides identifying computer attacks and suspicious activity, data from IDS were also used to identify security weaknesses and vulnerabilities throughout the networks. The three major computer attacks commonly detected by IDS were system scanning, Denial of Service (DoS), and system penetration.

Based on these findings, it is recommended that IDS strategies be implemented into the design of an organization's network. This reflects a defense-in-depth or layered approach to protecting an organization's assets by defining and enforcing an effective security policy, installing one or more firewalls to limit access, and deploying access-control measures and user authentication mechanisms. Finally, continued evaluation and study are recommended to probe further IDS security and functionality.

The social change importance of this research is its reinforcement of the benefits of using IDS as an element in a defense-in-depth approach to network security. Further development of IDS may provide network administrators with the insights to protect systems in a wide range of critical applications in an ever-increasing threat environment.
Keywords/Search Tags:System, Security, IDS, Critical, Network