An evaluation technique for network intrusion detection systems

Dana  Zhang; Christopher  Leckie

1st International ICST Conference on Scalable Information Systems

Research Article

An evaluation technique for network intrusion detection systems

Cite: BibTeX Plain Text

@INPROCEEDINGS{10.1145/1146847.1146870,
    author={Dana  Zhang and Christopher  Leckie},
    title={An evaluation technique for network intrusion detection systems},
    proceedings={1st International ICST Conference on Scalable Information Systems},
    publisher={ACM},
    proceedings_a={INFOSCALE},
    year={2006},
    month={6},
    keywords={},
    doi={10.1145/1146847.1146870}
}

Dana Zhang
Christopher Leckie
Year: 2006
An evaluation technique for network intrusion detection systems
INFOSCALE
ACM
DOI: 10.1145/1146847.1146870

Dana Zhang^1,2^,*, Christopher Leckie^1,3,4^,*

1: Department of Computer Science and Software Engineering
2: The University of Melbourne, Parkville, Victoria 3010, Australia
3: The University of Melbourne
4: Parkville, Victoria 3010, Australia

*Contact email: zhangd@csse.unimelb.edu.au, caleckie@csse.unimelb.edu.au

Abstract

Various algorithms have been developed to identify different types of network intrusions, however there is no heuristic to confirm the accuracy of their results. The exact effectiveness of a network intrusion detection system's ability to identify malicious sources cannot be reported unless a concise measurement of performance is available. This paper addresses the need for an evaluation technique and proposes a comparison technique for current scan detection algorithms that can accurately measure the false positive rate and precision of identified scanners.

Published: 2006-06-01
Publisher: ACM

: http://dx.doi.org/10.1145/1146847.1146870

An evaluation technique for network intrusion detection systems

Abstract

About EAI

Community

Publish with EAI