Survey on Evaluation of Intrusion Detection Systems
入侵检测系统评估技术述评

With the deeply research on intrusion detection techniques and the widely use of intrusion detection products,the evaluation of intrusion detection systems becomes an important research field. The primary aspects of intrusion detection systems in an evaluation are expressed .including detection rate and false positive, detection range, detection delay, loading ability and so on. Relative works of the evaluation of intrusion detection systems is introduced. The test network environment and evaluation model in 1999 DARPA off-line evaluation are analyzed and criticized. The critical techniques when evaluating intrusion detection systems,such as emulation of network traffic and host usage,emulation of attacks and evaluation report generation,are discussed.