Evaluating Computer Intrusion Detection Systems: A Survey of Common Practices

Cited by: 116
Authors
Milenkoski, Aleksandar [1]
Vieira, Marco [2]
Kounev, Samuel [1]
Avritzer, Alberto [3]
Payne, Bryan D. [4]
Affiliations
[1] Univ Wurzburg, D-97074 Wurzburg, Germany
[2] Univ Coimbra, P-3030290 Coimbra, Portugal
[3] Siemens Corp, Corp Technol, Princeton, NJ 08540 USA
[4] Netflix Inc, Los Gatos, CA 95032 USA
Keywords
Computer intrusion detection systems; workload generation; metrics; measurement methodology; NIDS
DOI
10.1145/2808691
Chinese Library Classification number
TP301 [Theory, Methods]
Discipline classification code
081202
Abstract
The evaluation of computer intrusion detection systems (which we refer to as intrusion detection systems) is an active research area. In this article, we survey and systematize common practices in the area of evaluation of such systems. For this purpose, we define a design space structured into three parts: workload, metrics, and measurement methodology. We then provide an overview of the common practices in evaluation of intrusion detection systems by surveying evaluation approaches and methods related to each part of the design space. Finally, we discuss open issues and challenges focusing on evaluation methodologies for novel intrusion detection systems.
Pages: 41