1st International ICST Conference on Scalable Information Systems

Research Article

An evaluation technique for network intrusion detection systems

  • @INPROCEEDINGS{10.1145/1146847.1146870,
        author={Dana Zhang and Christopher Leckie},
        title={An evaluation technique for network intrusion detection systems},
        proceedings={1st International ICST Conference on Scalable Information Systems},
        publisher={ACM},
        proceedings_a={INFOSCALE},
        year={2006},
        month={6},
        keywords={},
        doi={10.1145/1146847.1146870}
    }
    
Dana Zhang1,2,*, Christopher Leckie1,3,4,*
  • 1: Department of Computer Science and Software Engineering
  • 2: The University of Melbourne, Parkville, Victoria 3010, Australia
  • 3: The University of Melbourne
  • 4: Parkville, Victoria 3010, Australia
*Contact email: zhangd@csse.unimelb.edu.au, caleckie@csse.unimelb.edu.au

Abstract

Various algorithms have been developed to identify different types of network intrusions; however, there is no heuristic to confirm the accuracy of their results. The exact effectiveness of a network intrusion detection system's ability to identify malicious sources cannot be reported unless a concise measurement of performance is available. This paper addresses the need for an evaluation technique and proposes a comparison technique for current scan detection algorithms that can accurately measure the false positive rate and precision of identified scanners.