New approach to evaluate the capacity of signature-based intrusion detection systems

New approach to evaluate the capacity of signature-based intrusion detection systems

For improving the accuracy of IDS evaluation,after the detection method of signature-based IDS was analyzed,pointed out that the current methods are not reasonable,and proposed the principle to evaluate the capability of IDS im-plementation and the capability of rule base respectively.The method to...

Full description

Saved in:
Bibliographic Details
Main Authors: SUN Mei-feng1, GONG Jian1, YANG Wang1
Format: Article
Language:zho
Published: Editorial Department of Journal on Communications 2007-01-01
Series:Tongxin xuebao
Subjects:
intrusion detection
signature-based intrusion detection system
evaluation
Online Access:http://www.joconline.com.cn/zh/article/74656886/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:For improving the accuracy of IDS evaluation,after the detection method of signature-based IDS was analyzed,pointed out that the current methods are not reasonable,and proposed the principle to evaluate the capability of IDS im-plementation and the capability of rule base respectively.The method to evaluate the capability of IDS implementation,which views the human knowledge as parameters,was introduced.The definition of metrics and how to calculate the value of metrics are mainly discussed.A prototype was implemented which shows that this new method can evaluate the real capacity better for a signature-based IDS.
ISSN:1000-436X

Similar Items