[Snort-devel] A question about comparing IDSs

Ravi ravivsn at ...2125...
Thu Apr 8 22:07:05 EDT 2004


http://www.nss.co.uk
Cheers
-Ravi

Islam Hegazy wrote:

> Dear All,
>  
> I am Islam Hegazy, a researcher in the faculty of Computer and 
> Information Sciences, Ain Shams University, Egypt. I am interested in 
> IDSs. I have developed an IDS that can detect DoS attacks, Ping sweep 
> attacks, and secure documents thefts. I need to compare my results 
> with other IDSs or to confirm that the false positives, false 
> negatives, detection time and response time are acceptable. I searched 
> the commercial products sites, like Cisco, Sans, RealSecure. Snort, 
> but they don't provide their experimental results. I also searched 
> Network security magazine, IEEE, ACM but all the papers that I got 
> talked about designs or frameworks but they don't publish any 
> experimental results. I wonder if you can guide me to the right 
> direction to find experimental results or anything that talks about 
> acceptable false positives, false negatives, detection time and 
> response time ranges so that I can finish my work.
>  
> Thanks
> Islam Hegazy








More information about the Snort-devel mailing list