[Snort-devel] A question about comparing IDSs
islheg at ...445...
Thu Apr 8 08:01:07 EDT 2004
I am Islam Hegazy, a researcher in the faculty of Computer and Information Sciences, Ain Shams University, Egypt. I am interested in IDSs. I have developed an IDS that can detect DoS attacks, Ping sweep attacks, and secure documents thefts. I need to compare my results with other IDSs or to confirm that the false positives, false negatives, detection time and response time are acceptable. I searched the commercial products sites, like Cisco, Sans, RealSecure. Snort, but they don't provide their experimental results. I also searched Network security magazine, IEEE, ACM but all the papers that I got talked about designs or frameworks but they don't publish any experimental results. I wonder if you can guide me to the right direction to find experimental results or anything that talks about acceptable false positives, false negatives, detection time and response time ranges so that I can finish my work.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel