IDS mailing list archives

Previous By Date Next
Previous By Thread Next

RE: how to test IDS performance?

From: "Kostas G. Anagnostakis" <anagnost () dsl cis upenn edu>
Date: Fri, 23 May 2003 14:27:58 -0400 (EDT)

Some recent work (in progress) on IDS evaluation with emphasis on
string matching algorithms is described in:

http://www.cis.upenn.edu/~anagnost/papers/idsperf-draft-may03.ps

Some of the main points are that you get very different results
depending on test traffic, hardware setup, and that one should
be cautious when using uniformly random payloads and "synthetic"
rulesets for benchmarking.

We'd appreciate comments/feedback on this. thanks!

--kostas

-------------------------------------------------------------------------------
INTRUSION PREVENTION: READY FOR PRIME TIME?

IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities 
- including intrusion identification, relevancy, direction, impact and analysis 
- enabling a path to prevention.

Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: 
http://www.securityfocus.com/IntruVert-focus-ids2
-------------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: