Title :
Automatic Evaluation of Intrusion Detection Systems
Author :
Massicotte, Frederic ; Gagnon, Francois ; Labiche, Yvan ; Briand, Lionel ; Couture, Mathieu
Author_Institution :
Canada Commun. Res. Center, Ottawa, Ont.
Abstract :
An intrusion detection system (IDS) is a crucial element of a network security posture. Although there are many IDS products available, it is rather difficult to find information about their accuracy. Only a few organizations evaluate these products. Furthermore, the data used to test and evaluate these IDS is usually proprietary. Thus, the research community cannot easily evaluate the next generation of IDS. Toward this end, DARPA provided in 1998, 1999 and 2000 an intrusion detection evaluation data set. However, no new data set has been released by DARPA since 2000, in part because of the cumbersomeness of the task. In this paper, we propose a strategy to address certain aspects of generating a publicly available documented data set for testing and evaluating intrusion detection systems. We also present a tool that automatically analyzes and evaluates IDS using our proposed data set
Keywords :
security of data; intrusion detection system; network security; traffic trace generation; Automatic testing; Communication system security; Computer crime; Data security; Databases; Information security; Intrusion detection; NIST; System testing; Telecommunication traffic;
Conference_Titel :
Computer Security Applications Conference, 2006. ACSAC '06. 22nd Annual
Conference_Location :
Miami Beach, FL
Print_ISBN :
0-7695-2716-7
DOI :
10.1109/ACSAC.2006.15
