A Testbed for Quantitative Assessment of Intrusion Detection Systems using Fuzzy Logic

Authors:
Gautam Singaraju;Lawrence Teo;Yuliang Zheng
Affiliations:
-;-;-
Venue:
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Year:
2004

Citing 18
Cited 0

Fuzzy logic for business and industry

Fuzzy logic for business and industry
A course in fuzzy systems and control

A course in fuzzy systems and control
Towards a taxonomy of intrusion-detection systems

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Intrusion detection

Intrusion detection
HTTP/TCP connection and flow characteristics

Performance Evaluation - Special issue on internet performance modelling
The 1999 DARPA off-line intrusion detection evaluation

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Security issues in control, management and routing protocols

Computer Networks: The International Journal of Computer and Telecommunications Networking - Pioneering tomorrow's Internet Selected papers from the TERENA Networking Conference 2000 22–25 May 2000, Lisbon, Portugal
What TCP/IP protocol headers can tell us about the web

Proceedings of the 2001 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory

ACM Transactions on Information and System Security (TISSEC)
Honeypots: Tracking Hackers

Honeypots: Tracking Hackers
Network Intrusion Detection: An Analyst's Handbook

Network Intrusion Detection: An Analyst's Handbook
Intrusion Signatures and Analysis

Intrusion Signatures and Analysis
Models of mail server workloads

Performance Evaluation
Evaluation of the performance of ID systems in a switched and distributed environment: the real secure case study

Computer Networks: The International Journal of Computer and Telecommunications Networking
A Metrics-Based Approach to Intrusion Detection System Evaluation for Distributed Real-Time Systems

IPDPS '02 Proceedings of the 16th International Parallel and Distributed Processing Symposium
Intrusion Detection Testing and Benchmarking Methodologies

IEEE-IWIA '03 Proceedings of the First IEEE International Workshop on Information Assurance (IWIA'03)
Analyzing Distributed Denial of Service Tools: The Shaft Case

LISA '00 Proceedings of the 14th USENIX conference on System administration
E-mail bombs and countermeasures: cyber attacks on availability and brand integrity

IEEE Network: The Magazine of Global Internetworking

Quantified Score

Hi-index	0.00

Visualization

Abstract

The current Intrusion Detection System (IDS) technologyis a major investment for a firm and its evaluation is desiredprior to a commitment. A testbed compares differentIDSs on a common platform. A major challenge in evaluatingIDSs stems from the fact that they are generally testedin specific environments. A real-world environment couldbe different from the environment designed for a testbed.The results obtained, from such testbeds, may not be accurateand reliable. Hence, a quantitative and metrics basedevaluation of IDSs is desired.We propose Testbed for evaluating Intrusion DetectionSystems (TIDeS), that allows a user to select the best IDSfor a specific customized environment. A quantitative analysisis provided by TIDeS, using fuzzy logic, under varyingnetwork loads. We also propose robust metrics to evaluatean IDS. We follow up with recommendations, based on ourexperience, on the general practices in the field of IDSs.