Title :
Performance Evaluation of a Collaborative Intrusion Detection System
Author :
Jia, Chunfu ; Chen, Deqiang
Author_Institution :
Coll. of Inf. Technol. & Sci., Nankai Univ., Tianjin, China
Abstract :
There are two technologies in intrusion detection systems: misuse detection and anomaly detection. Both misuse detection and anomaly detection have advantages and disadvantages. At present, the intrusion detection system is developed by using these two technologies in conjunction with one another, but there is not an effective method to evaluate the intrusion detection systems collaborative detection´s performance. It is necessary to analyze it by establishing a strictly mathematical assessment equation. Considering the information theory method to analysis this problem, the intrusion detection capability can be used to analysis and evaluation. By contrast two intrusion detection systems, it turns out, the system that based on misuse and anomaly collaborative detection has the better detection effects.
Keywords :
information theory; security of data; software performance evaluation; anomaly collaborative detection; anomaly detection; collaborative intrusion detection system; information theory; mathematical assessment equation; misuse detection; performance evaluation; Bayesian methods; Collaboration; Costs; Databases; Detectors; Educational institutions; Equations; Information analysis; Information technology; Intrusion detection; IDS; anomaly detection; collaborative detection; intrusion detection capability; misuse detection;
Conference_Titel :
Natural Computation, 2009. ICNC '09. Fifth International Conference on
Conference_Location :
Tianjin
Print_ISBN :
978-0-7695-3736-8
DOI :
10.1109/ICNC.2009.698
