Thomas, Ciza and Sharma, Vishwas and Balakrishnan, N (2008) Usefulness of DARPA dataset for intrusion detection system evaluation. In: Conference on Data Mining, Intrusion Detection, Information Assurance and Data Networks Security 2008, MAR 17-18, 2008, Orlando.
![[img]](http://eprints.iisc.ac.in/style/images/fileicons/application_pdf.png)
|
PDF
darpa.pdf - Accepted Version Download (83kB) |
Abstract
The MIT Lincoln Laboratory IDS evaluation methodology is a practical solution in terms of evaluating the performance of Intrusion Detection Systems, which has contributed tremendously to the research progress in that field. The DARPA IDS evaluation dataset has been criticized and considered by many as a very outdated dataset, unable to accommodate the latest trend in attacks. Then naturally the question arises as to whether the detection systems have improved beyond detecting these old level of attacks. If not, is it worth thinking of this dataset as obsolete? The paper presented here tries to provide supporting facts for the use of the DARPA IDS evaluation dataset. The two commonly used signature-based IDSs, Snort and Cisco IDS, and two anomaly detectors, the PHAD and the ALAD, are made use of for this evaluation purpose and the results support the usefulness of DARPA dataset for IDS evaluation.
| Item Type: | Conference Paper |
|---|---|
| Publisher: | The International Society for Optical Engineering |
| Additional Information: | Copyright of this article belongs to The International Society for Optical Engineering.. |
| Keywords: | Intrusion Detection Systems (IDS);DARPA dataset. |
| Department/Centre: | Division of Interdisciplinary Sciences > Supercomputer Education & Research Centre |
| Date Deposited: | 12 Apr 2010 08:37 |
| Last Modified: | 16 Dec 2010 08:41 |
| URI: | http://eprints.iisc.ac.in/id/eprint/26885 |
Actions (login required)
 |
View Item |
