A Novel Metric for the Evaluation of IDSs Effectiveness

Authors: Khalid Nasr, Anas Abou El Kalam

DOI: 10.1007/978-3-642-55415-5_18

Abstract: Nowadays the intrusion detection system (IDS) has received considerable attention as a crucial element in network security. The question that arises is: which IDS is effective for our system? The answer should inevitably take into account the evaluation of IDSs effectiveness. Dealing with this challenge, many valuable metrics have been introduced, such as the receiver operating characteristic (ROC) curve, Bayesian detection rate, intrusion detection capability, intrusion detection operating characteristic, cost-based metrics, etc. The benefits and drawbacks of these metrics are discussed in this paper. We subsequently propose a novel metric called intrusion detection effectiveness (E_ID) that manipulates the existing ones, taking into account all the essential related parameters. We demonstrate the utility of E_ID over the previously proposed metrics and how it realizes the measurement of the actual effectiveness rather than the relative effectiveness followed by the existing ones. E_ID can be used for evaluating wired or wireless IDSs. Additionally, we conduct an experimental evaluation of two popular wireless IDSs (WIDSs), Kismet and AirSnare, to illustrate the utility of E_ID.
