TY - GEN
T1 - Automatic evaluation of intrusion detection systems
AU - Massicotte, Frédéric
AU - Gagnon, François
AU - Labiche, Yvan
AU - Briand, Lionel
AU - Couture, Mathieu
PY - 2006
Y1 - 2006
N2 - An Intrusion Detection System (IDS) is a crucial element of a network security posture. Although there are many IDS products available, it is rather difficult to find information about their accuracy. Only a few organizations evaluate these products. Furthermore, the data used to test and evaluate these IDS is usually proprietary. Thus, the research community cannot easily evaluate the next generation of IDS. Toward this end, DARPA provided in 1998, 1999 and 2000 an Intrusion Detection Evaluation Data Set. However, no new data set has been released by DARPA since 2000, in part because of the cumbersomeness of the task. In this paper, we propose a strategy to address certain aspects of generating a publicly available documented data set for testing and evaluating intrusion detection systems. We also present a tool that automatically analyzes and evaluates IDS using our proposed data set.
UR - http://www.scopus.com/inward/record.url?scp=34748914659&partnerID=8YFLogxK
U2 - 10.1109/ACSAC.2006.15
DO - 10.1109/ACSAC.2006.15
M3 - Conference contribution
AN - SCOPUS:34748914659
SN - 0769527167
SN - 9780769527161
T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC
SP - 361
EP - 370
BT - Proceedings - Annual Computer Security Applications Conference, ACSAC
T2 - 22nd Annual Computer Security Applications Conference, ACSAC 2006
Y2 - 11 December 2006 through 15 December 2006
ER -