|
IDS
mailing list archives
Re: IDS evaluations procedures
From: Joel Esler <eslerj () gmail com>
Date: Tue, 12 Jul 2005 10:48:18 -0400
depends on the bandwidth of the network.
On 12 Jul 2005 02:40:18 -0000, david.sames () sparta com
<david.sames () sparta com> wrote:
I'm in the process of developing test procedures for evaluating an internal anomaly-based detection system. I'd like
to construct a test set of nominal data peppered with attack data. What is a reasonable ratio of attack data to
"normal" traffic that is representative of "real" systems.
Thanks,
Dave
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
| 
