IDS mailing list archives

Crossover Error Rate (WAS "Intrusion Prevention")


From: "Rob Shein" <shoten () starpower net>
Date: Wed, 11 Dec 2002 11:17:25 -0500

In evaluating the accuracy of biometrics, there are similar concerns to
those of IDS.  Instead of false positives and false negatives, we have
false rejects and false accepts.  Just as with an IDS, you can reduce
one at the expense of increasing the other, but unlike IDS, there's a
commonly-known standard called the CER, or "Crossover Error Rate," at
which point the system is tuned so that both kinds of false responses
occur with the same frequency.  That way, a vendor cannot say "Our
biometric system will never accept an unauthorized user!" and leave it
at that.  Asking them for their CER will catch them in the act, if it
turns out that when you tune the system properly it rejects 10% of valid
attempts and accepts 10% of invalid attempts.

Ok...the question I have is, how hard/easy would it be to come up with a
similar yardstick for an IDS?  I know that it's far more complex, owing
to the number of signatures, but would it potentially be possible to
come up with a standard set of attacks against which such a standard
could be measured?
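
The crossover point described in the message above, worked through for an IDS-style detector, as an added example that is not part of the original post. The single-threshold scoring detector, the function names and the labelled scores are assumptions constructed for illustration; a signature-based IDS would need one such sweep per tunable setting.

```python
# Added example: constructed data, hypothetical single-threshold detector.
# An event raises an alert when its score is >= threshold.

# Constructed scores from a labelled replay: benign traffic vs. known attacks.
BENIGN = [5, 8, 12, 15, 20, 22, 30, 35, 48, 62]
ATTACK = [28, 40, 45, 55, 60, 66, 70, 78, 85, 93]


def error_rates(benign, attack, threshold):
    """Return (false_positive_rate, false_negative_rate) at this threshold."""
    false_pos = sum(1 for s in benign if s >= threshold)  # benign, alerted
    false_neg = sum(1 for s in attack if s < threshold)   # attack, missed
    return false_pos / len(benign), false_neg / len(attack)


def crossover(benign, attack):
    """Sweep candidate thresholds; return (threshold, fpr, fnr, cer) where the
    two rates are closest. With finite samples the curves may not meet exactly,
    so CER is reported as the mean of the two rates at the closest point."""
    candidates = sorted(set(benign) | set(attack))
    candidates.append(candidates[-1] + 1)  # above every score: no alerts at all
    best = None
    for t in candidates:
        fpr, fnr = error_rates(benign, attack, t)
        if best is None or abs(fpr - fnr) < best[0]:
            best = (abs(fpr - fnr), t, fpr, fnr)
    _, t, fpr, fnr = best
    return t, fpr, fnr, (fpr + fnr) / 2


if __name__ == "__main__":
    # "Never misses an attack" tuning: threshold at the lowest attack score.
    fpr, fnr = error_rates(BENIGN, ATTACK, min(ATTACK))
    print(f"tuned for zero misses: FNR={fnr:.0%} but FPR={fpr:.0%}")
    t, fpr, fnr, cer = crossover(BENIGN, ATTACK)
    print(f"crossover at threshold {t}: FPR={fpr:.0%} FNR={fnr:.0%} CER={cer:.0%}")
```

On this constructed set the "zero misses" tuning hides a 40% false-positive rate, while the crossover figure exposes both error types in one number.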

