Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: \ (zowacm.org)
Date: Fri Mar 06 2009 - 11:37:56 CST
> Apart from the Darpa datasets and KDD datasets, are there other
> publicly available
> Are these datasets useful for evaluating a new IDS system or even a
> new detection
Short answer: no.
> For evaluating a new technique or methodology using a dataset, especially when
> presenting the results to a conference, the validity of the dataset is critical.
> How does one solve this problem, if not for the limited number of
> standard datasets available?
No one has any good answers for this. I find it rather disconcerting
that people are still even working on advanced (non-signature based)
IDS, yet no one seems to be willing to put in the effort to address
the data problem. I have some further discussion about the problem and
what researchers could possibly do about it on my research page:
http://www.bruggerink.com/~zow/GradSchool/ . There's a fair amount of
personal narrative there -- you might want to scroll down the page to
the link to the technical report I put out on running Snort on the
DARPA data and start reading from there.
As anyone who reads that page might gather, this is an area I'm quite
interested in, and I'd be happy to discuss any ideas anyone might have
on how to address this problem.