IDS: RE: Evaluation/Reviews of COTS and GOTS products (open source too)

RE: Evaluation/Reviews of COTS and GOTS products (open source too)

From: Lodin, Steven {DI~Basel Dia} <STEVEN.LODIN_at_Roche.COM>
Date: Mon, 04 Aug 2003 20:30:38 +0200

Check out this document from NIST.

NIST IR 7007 "An Overview of Issues in Testing Intrusion Detection Systems",
June 2003

http://csrc.nist.gov/publications/nistir/nistir-7007.pdf

They compare a bunch of different evaluations. Here is a text cut from
the PDF listing them...

MITRE 1997
UC Davis 1997
MIT/LL 1998
MIT/LL 1999
AFRL 1998
Neohapsis 2001
NSS 2001
Network World 2001

If you are looking for a way to perform your own evaluation, I wrote
this document in 1998.

http://www.cis.udel.edu/~zhi/www.docshow.net/ids/IDS_Prod_Eval_Criteria.zip

This page from Deborah Frinke at U of Idaho CS is pretty good.

It
http://www.cis.udel.edu/~zhi/www.docshow.net/ids.htm

Good luck!

Steve

> I am looking for reviews/evaluations of commercial, government, and
> open-source Intrusion Detection Systems (and Vulnerability Scanners too, if
> these reviews exist). So far, I have the following sources:
>
> - Evaluation by NSS (http://www.nss.co.uk)
> - Neohapsis OSEC
> - Network Computing's 2001 Study (which favored Dragon)
> - 2002 Information Security Excellence Winners
> - Various reviews by SC Magazine in the "testcenter" section
>
> I am looking for more, if they exist. And, I do realize that these
> evaluations might not be that great (I have to take them with a grain of
> salt), but I still would like to read them.
>

Received on Aug 05 2003
