IDS mailing list archives
Re: IDS testing methodologies
From: Raffael Marty <rmarty () arcsight com>
Date: Wed, 7 Jan 2004 15:54:36 -0800
Henrik, Maybe you should also have a look at some basic research which was done in this area: Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation, presented at Third Intl. Workshop on Recent Advances in Intrusion Detection (RAID2000) John McHugh, The 1998 Lincoln Laboratory IDS Evaluation: A Critique, presented at Third Intl. Workshop on Recent Advances in Intrusion Detection (RAID2000) And my work, which is called THOR (http://thor.cryptojail.net). It is about a testbed for IDSes and how to automate testing. It also talks about how you can use this environment to do correlation among multiple IDS sensors. Regards Raffy
I've learnt much at this website: http://www.nss.co.uk/
----- Original Message ----- From: "Henrik Falkenthros, direktoer" <hef () bridicum dk> To: <focus-ids () securityfocus com> Sent: Wednesday, December 31, 2003 3:42 AM Subject: IDS testing methodologiesHi List ! I'm trying to find out ways of testing different IDS systems; is there a 'recommended'/best practise methodology for testing Network based IDS (NIDS) ? Any information - papers, tools, links and own experience are much appreciated,,, 8-) cheers, Henrik Falkenthros
-- Raffael Marty, CISSP raffael.marty () arcsight com Security Engineer Content Team @ ArcSight Inc. 1309 South Mary Ave. Sunnyvale, CA 94087 (408) 328 5562 --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- Re: IDS testing methodologies, (continued)
- Re: IDS testing methodologies Nigel Houghton (Jan 02)
- Re: IDS testing methodologies Ron Gula (Jan 02)
- Re: IDS testing methodologies Alvin Oga (Jan 02)
- Re: IDS testing methodologies James Riden (Jan 05)
- Re: IDS testing methodologies Mike Lyman (Jan 05)
- Re: IDS testing methodologies s tart Alvin Oga (Jan 06)
- Re: IDS testing methodologies Stephen P. Berry (Jan 06)
- Re: IDS testing methodologies Sam f. Stover (Jan 02)
- RE: IDS testing methodologies Henrik Falkenthros, direktoer (Jan 05)
- Re: IDS testing methodologies hoop (Jan 05)
- Re: IDS testing methodologies Raffael Marty (Jan 08)
- RE: IDS testing methodologies Bob Walder (Jan 02)
- RE: IDS testing methodologies Raj_Dhingra (Jan 05)