Automatic Evaluation of Intrusion Detection Systems

9 years 5 months ago
Automatic Evaluation of Intrusion Detection Systems
An Intrusion Detection System (IDS) is a crucial element of a network security posture. Although there are many IDS products available, it is rather difficult to find information about their accuracy. Only a few organizations evaluate these products. Furthermore, the data used to test and evaluate these IDS is usually proprietary. Thus, the research community cannot easily evaluate the next generation of IDS. Toward this end, DARPA provided in 1998, 1999 and 2000 an Intrusion Detection Evaluation Data Set. However, no new data set has been released by DARPA since 2000, in part because of the cumbersomeness of the task. In this paper, we propose a strategy to address certain aspects of generating a publicly available documented data set for testing and evaluating intrusion detection systems. We also present a tool that automatically analyzes and evaluates IDS using our proposed data set.
Frédéric Massicotte, François
Added 10 Jun 2010
Updated 10 Jun 2010
Type Conference
Year 2006
Authors Frédéric Massicotte, François Gagnon, Yvan Labiche, Lionel C. Briand, Mathieu Couture
Comments (0)