Using rule-based activity descriptions to evaluate intrusion-detection systems

Abstract

After more than a decade of development, there are now many commercial and non-commercial intrusion-detection systems (IDSes) available. However, they tend to generate false alarms at high rates while overlooking real threats. The results described in this paper have been obtained in the context of work that aims to identify means for supporting the analysis, evaluation, and design of large-scale intrusion-detection architectures. We propose a practical method for evaluating IDSes and identifying their strengths and weaknesses. Our approach shall allow us to evaluate IDSes for their capabilities, unlike existing approaches that evaluate their implementation. It is furthermore shown how the obtained knowledge can be used to analyze and evaluate an IDS.

Cite

Alessandri, D. (2000). Using rule-based activity descriptions to evaluate intrusion-detection systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 1907, pp. 183–196). Springer Verlag. https://doi.org/10.1007/3-540-39945-3_12
