IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IDS data sets

From: Stefano Zanero <zanero () elet polimi it>
Date: Wed, 02 Mar 2005 12:09:52 +0100
Roberto Perdisci wrote:


To the best of my knowledge, the MIT-DARPA dataset is the most recent
and valid dataset created in order to test the performances of IDSs.
The DARPA dataset is the _only_ available dataset, which does not mean it's a good one :) 


For this reason, dispite it is 5 years old, it is currently considered
as the point of reference in the research field.


This is a problem, as shown in McHughs paper.


Nevertheless, some authors have attemted to use data collected during
hacker's contests like the DEFCON.
Such a dataset is good for research, but is worthless for determining detection rates since it's unlabeled. 

--
Best,
Stefano Zanero
Dottorando di Ricerca / Ph.D. Student

Politecnico di Milano - Dip. Elettronica e Informazione
E-mail: zanero () elet polimi it
Web:    www.elet.polimi.it/upload/zanero

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. 
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: