ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

Usefulness of DARPA dataset for intrusion detection system evaluation

Thomas, Ciza and Sharma, Vishwas and Balakrishnan, N (2008) Usefulness of DARPA dataset for intrusion detection system evaluation. In: Conference on Data Mining, Intrusion Detection, Information Assurance and Data Networks Security 2008, MAR 17-18, 2008, Orlando.

[img]
Preview
PDF
darpa.pdf - Accepted Version

Download (81Kb)
Official URL: http://spiedl.aip.org/getabs/servlet/GetabsServlet...

Abstract

The MIT Lincoln Laboratory IDS evaluation methodology is a practical solution in terms of evaluating the performance of Intrusion Detection Systems, which has contributed tremendously to the research progress in that field. The DARPA IDS evaluation dataset has been criticized and considered by many as a very outdated dataset, unable to accommodate the latest trend in attacks. Then naturally the question arises as to whether the detection systems have improved beyond detecting these old level of attacks. If not, is it worth thinking of this dataset as obsolete? The paper presented here tries to provide supporting facts for the use of the DARPA IDS evaluation dataset. The two commonly used signature-based IDSs, Snort and Cisco IDS, and two anomaly detectors, the PHAD and the ALAD, are made use of for this evaluation purpose and the results support the usefulness of DARPA dataset for IDS evaluation.

Item Type: Conference Paper
Additional Information: Copyright of this article belongs to The International Society for Optical Engineering..
Keywords: Intrusion Detection Systems (IDS);DARPA dataset.
Department/Centre: Division of Information Sciences > Supercomputer Education & Research Centre
Date Deposited: 12 Apr 2010 08:37
Last Modified: 16 Dec 2010 08:41
URI: http://eprints.iisc.ernet.in/id/eprint/26885

Actions (login required)

View Item View Item