Date Published: July 11, 2003
Author(s)
Peter Mell (NIST), Vincent Hu (NIST), Richard Lippmann (MIT Lincoln Laboratory), Josh Haines (MIT Lincoln Laboratory), Marc Zissman (MIT Lincoln Laboratory)
While intrusion detection systems are becoming ubiquitous defenses in today's networks, currently we have no comprehensive and scientifically rigorous methodology to test the effectiveness of these systems. This paper explores the types of performance measurements that are desired and that have been used in the past. We review many past evaluations that have been designed to assess these metrics. We also discuss the hurdles that have blocked successful measurements in this area and present suggestions for research directed toward improving our measurement capabilities.
While intrusion detection systems are becoming ubiquitous defenses in today's networks, currently we have no comprehensive and scientifically rigorous methodology to test the effectiveness of these systems. This paper explores the types of performance measurements that are desired and that have been...
See full abstract
While intrusion detection systems are becoming ubiquitous defenses in today's networks, currently we have no comprehensive and scientifically rigorous methodology to test the effectiveness of these systems. This paper explores the types of performance measurements that are desired and that have been used in the past. We review many past evaluations that have been designed to assess these metrics. We also discuss the hurdles that have blocked successful measurements in this area and present suggestions for research directed toward improving our measurement capabilities.
Hide full abstract
Keywords
IDS performance measurement methodology; intrusion detection system (IDS); quantitative testing of IDSs
Control Families
None selected