IDS mailing list archives
Re: IDS data sets
From: Stefano Zanero <zanero () elet polimi it>
Date: Wed, 02 Mar 2005 12:09:52 +0100
Roberto Perdisci wrote:
To the best of my knowledge, the MIT-DARPA dataset is the most recent and valid dataset created in order to test the performances of IDSs.
The DARPA dataset is the _only_ available dataset, which does not mean it's a good one :)
For this reason, dispite it is 5 years old, it is currently considered as the point of reference in the research field.
This is a problem, as shown in McHughs paper.
Nevertheless, some authors have attemted to use data collected duringhacker's contests like the DEFCON.
Such a dataset is good for research, but is worthless for determining detection rates since it's unlabeled.
-- Best, Stefano Zanero Dottorando di Ricerca / Ph.D. Student Politecnico di Milano - Dip. Elettronica e Informazione E-mail: zanero () elet polimi it Web: www.elet.polimi.it/upload/zanero -------------------------------------------------------------------------- Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
--------------------------------------------------------------------------
Current thread:
- Re: IDS data sets Roberto Perdisci (Mar 02)
- Re: IDS data sets Stefano Zanero (Mar 02)