A case study of three open source security management tools

IFIP/IEEE Eighth International Symposium on Integrated Network Management, 2003. Pub Date : 2003-03-24 DOI:10.1109/INM.2003.1194165

H. G. Kayacik, A. N. Zincir-Heywood

引用次数: 12

Abstract

Three open source security management tools - Snort, Pakemon, and Argus $are benchmarked against the DARPA 1999 Intrusion Detection Evaluation Data Set. Performance is characterized using multiple performance metrics. Snort is found to have the best performance in terms of detection rate, however it creates more false positives than desired. The results show that different tools perform well under different attack categories; hence they can be run at the same time to increase the detection rate of attack instances.

查看原文本刊更多论文

三个开源安全管理工具的案例研究

三个开源安全管理工具——Snort、Pakemon和Argus $是针对DARPA 1999入侵检测评估数据集进行基准测试的。性能是使用多个性能指标来描述的。就检测率而言，Snort的性能最好，但是它产生的误报比预期的要多。结果表明，不同的工具在不同的攻击类别下表现良好;因此，它们可以同时运行，以提高攻击实例的检测率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IFIP/IEEE Eighth International Symposium on Integrated Network Management, 2003.

自引率

0.00%

发文量