IDS mailing list archives

Re: Intrusion Detection Evaluation Datasets

From: Paul Palmer <b.paul.palmer () gmail com>
Date: Fri, 13 Mar 2009 16:53:48 -0400

My mistake. I had not read far enough back on this branch of the
thread and did not realize that it was specifically discussing anomaly
detection. Thank you for clarifying Stefano.

On Fri, Mar 13, 2009 at 3:58 PM, Stefano Zanero <zanero () elet polimi it> wrote:

Paul Palmer wrote:

Isn't this essentially one of the things that NSS does as part of their
product reviews?


Nope, it isn't.

NSS's evaluation is essentially targeted at misuse detectors (which are
the overwhelming majority of commercial products), and does not really
take into account an appropriate definition of false positives or
detection rates, because they don't make really sense for misuse detectors.

Granted, getting your product reviewed is not free, but I think you would
find that it is probably cheaper to have NSS perform the evaluation than
investing in the infrastructure to do it yourself.


NSS evaluation technique are not suitable for the evaluation of anomaly
detectors, in particular for academic purposes.

Stefano

Current thread:

Re: Intrusion Detection Evaluation Datasets, (continued)
- - Re: Intrusion Detection Evaluation Datasets Stefano Zanero (Mar 09)
- Re: Re: Intrusion Detection Evaluation Datasets zubair . shafiq (Mar 10)
  - Re: Intrusion Detection Evaluation Datasets Stefano Zanero (Mar 11)
    - Re: Intrusion Detection Evaluation Datasets "Zow" Terry Brugger (Mar 12)
    - Re: Intrusion Detection Evaluation Datasets Paul Palmer (Mar 12)
    - Re: Intrusion Detection Evaluation Datasets Stuart Staniford (Mar 13)
    - Re: Intrusion Detection Evaluation Datasets Stefano Zanero (Mar 13)
    - Re: Intrusion Detection Evaluation Datasets "Zow" Terry Brugger (Mar 13)
    - Re: Intrusion Detection Evaluation Datasets Paul Palmer (Mar 13)
    - Re: Intrusion Detection Evaluation Datasets Stefano Zanero (Mar 13)
    - Re: Intrusion Detection Evaluation Datasets Paul Palmer (Mar 13)
    - Re: Intrusion Detection Evaluation Datasets Stefano Zanero (Mar 13)
    - Message not available
    - Re: Intrusion Detection Evaluation Datasets "Zow" Terry Brugger (Mar 13)
    - Re: Intrusion Detection Evaluation Datasets Paul Palmer (Mar 13)
    - Re: Intrusion Detection Evaluation Datasets Damiano Bolzoni (Mar 16)
    - Re: Intrusion Detection Evaluation Datasets Paul Schmehl (Mar 17)
    - Re: Intrusion Detection Evaluation Datasets Damiano Bolzoni (Mar 17)
    - Re: Intrusion Detection Evaluation Datasets Paul Schmehl (Mar 18)
    - Re: Intrusion Detection Evaluation Datasets Seth Hall (Mar 18)
    - Re: Intrusion Detection Evaluation Datasets Damiano Bolzoni (Mar 18)
    - Re: Intrusion Detection Evaluation Datasets Stefano Zanero (Mar 18)

(Thread continues...)