Publication:
Trends, problems and misconceptions on testing Network Intrusion Detection Systems effectiveness

Thumbnail Image
Identifiers
URI: https://hdl.handle.net/10016/14479
ISBN: 978-1-60692-781-6
Files
Orfila, Estevez-Tapiador, Ribagorda - 2009 - Trends, problems and misconceptions on testing Network Intrusion Detection Syste.pdf (166.97 KB)
Publication date
2009
Defense date
Authors
Advisors
Tutors
Journal Title
Journal ISSN
Volume Title
Publisher
Nova Publishers
Impact
Google Scholar
Export
Research Projects
Organizational Units
Journal Issue
Abstract
Network Intrusion Detection Systems (NIDS) are hardware or software systems that are used to identify and respond to intrusions in computer networks. An intrusion is a deliberate or accidental unauthorized access to or activity against any of the elements of the network. Evaluation of how effective different intrusion detection technologies are becomes mandatory, in order to know which is the one that better fits in a particular scenario. Nevertheless this is not an easy task. This chapter reviews the main problems regarding testing effectiveness: the absence of standard test methodologies and metrics, the drawbacks of current datasets, the different requirements for testing different technologies, etc. These conditions make evaluation difficult not only for the industry but also for researchers. Scientific proposals are often näively compared. We focus on providing evidence of this situation by means of supporting examples. Some guidelines for the future are finally proposed.
Description
Keywords
effectiveness evaluation, network intrusion detection
Bibliographic citation
Computer Security: Intrusion, Detection and Prevention. Nova Publishers, 2009, pp. 51-62
Collections
Capítulos de libros