Abstract
The features of actively detection of intrusion detection systems (IDSs) are crucial in cyberspace security evaluation. Most of existing evaluation models are insufficient for selecting proper IDS in varying situations since these methods only base on detection rate and false alarm ratio. The paper proposes an environment-related information security evaluation model for IDSs, and applies the model in a practical IDS evaluation process. Compared to existing ones, the proposed model considers two more factors: background traffic and workload, and thus can achieve a more objective and comprehensive evaluation result for IDSs.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Stallings, W.: Network Security Essentials: Applications and Standards. Pearson Education India, Delhi (2007)
Herrmann, D.S.: Using the Common Criteria for IT Security Evaluation. CRC Press, Boca Raton (2002)
Gan, Z., He, J.: Study on multi-hierarchical fuzzy comprehensive evaluation of intrusion detection system. Appl. Res. Comput. 4, 29 (2006)
Li, L., Xia, Z., Xiong, J.: Study on evaluation method of multilayer hybrid intrusion detection system. Comput. Sci. 42 (2015)
Lippmann, R., Fried, D., Graf, I., Haines, J., Kendall, K., McClung, D., Zissman, M.: Evaluating intrusion detection systems: the 1998 DARPA off-line intrusion detection evaluation. In: Proceedings of the DARPA Information Survivability Conference and Exposition, vol. 2, pp. 12–26. IEEE (2000)
Haines, J., Lippmann, R., Fried, D.: 1999 DARPA intrusion detection system evaluation: design and procedures. DARPA Intrusion Detection Evaluation Design & Procedures (2001)
Gu, G., Fogla, P., Dagon, D., Lee, W., Skorić, B.: Measuring intrusion detection capability: an information-theoretic approach. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, pp. 90–101. ACM (2006)
Aggarwal, P., Sharma, S.: A new metric for proficient performance evaluation of intrusion detection system. In: Herrero, Á., Baruque, B., Sedano, J., Quintián, H., Corchado, E. (eds.) International Joint Conference. AISC, vol. 369, pp. 321–331. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-19713-5_28
Powers, D.: Evaluation: from precision, recall and F-measure to ROC, informedness, markedness and correlation. J. Mach. Learn. Technol. 2, 2229–2239 (2011)
Saaty, L.: How to make a decision: the analytic hierarchy process. Eur. J. Oper. Res. 48(1), 9–26 (1990)
Wang, X., Shi, Y., Huang, R.: Application of multi-layer fuzzy comprehensive evaluation method in debris flow assessment. J. Catastrophology 19(2), 1–6 (2004)
Acknowledgments
This work was supported by The Research of Key Technology and Application of Information Security Certification Project (No. 2016YFF0204001) of China Information Security Certification Center.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Cheng, R., Lu, Y., Gan, J. (2018). Environment-Related Information Security Evaluation for Intrusion Detection Systems. In: Li, B., Shu, L., Zeng, D. (eds) Communications and Networking. ChinaCom 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 237. Springer, Cham. https://doi.org/10.1007/978-3-319-78139-6_38
Download citation
DOI: https://doi.org/10.1007/978-3-319-78139-6_38
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78138-9
Online ISBN: 978-3-319-78139-6
eBook Packages: Computer ScienceComputer Science (R0)