Standard Data Sets for CEP/IDS Evaluation
We have been discussing standard data sets for CEP on CEP-Interest lately and have introduced the topic of “event cloud generation” here. For those interested in applying CEP to intrusion detection, there is an evaluation dataset available from MIT.
“These evaluations measured probability of detection and probability of false-alarm for each system under test. These evaluations contributed significantly to the intrusion detection research field by providing direction for research efforts and an objective calibration of the technical state-of-the-art. They are of interest to all researchers working on the general problem of workstation and network intrusion detection. The evaluation was designed to be simple, to focus on core technology issues, and to encourage the widest possible participation by eliminating security and privacy concerns, and by providing data types that were used commonly by the majority of intrusion detection systems.”
Two data sets are the result of the DARPA Intrusion Detection Evaluations.
- 1998 DARPA Intrusion Detection Evaluation Data Sets
- 1999 DARPA Intrusion Detection Evaluation Data Sets
Three additional data sets are the result of experiments run in 2000 to address specific scenarios.
- 2000 DARPA Intrusion Detection Scenario Specific Data Sets
For folks seeking standard traces or datasets to evaluate CEP solutions for intrusion or fraud detection, the DARPA dataset is an excellent place to start.