Standard Data Sets for CEP/IDS Evaluation

We have been discussing standard data sets for CEP on CEP-Interest lately and have introduced the topic of “event cloud generation” here.    For those interested in applying CEP to intrusion detection, there is an evaluation dataset available from MIT.  

“These evaluations measured probability of detection and probability of false-alarm for each system under test.  These evaluations contributed significantly to the intrusion detection research field by providing direction for research efforts and an objective calibration of the technical state-of-the-art.  They are of interest to all researchers working on the general problem of workstation and network intrusion detection.  The evaluation was designed to be simple, to focus on core technology issues, and to encourage the widest possible participation by eliminating security and privacy concerns, and by providing data types that were used commonly by the majority of intrusion detection systems.”

Two data sets are the result of the DARPA Intrusion Detection Evaluations.

  • 1998 DARPA Intrusion Detection Evaluation Data Sets
  • 1999 DARPA Intrusion Detection Evaluation Data Sets

Three additional data sets are the result of experiments run in 2000 to
  address specific scenarios.

  • 2000 DARPA Intrusion Detection Scenario Specific Data Sets

For folks seeking standard traces or datasets to evaluate CEP solutions for intrusion or fraud detection, the DARPA dataset is an excellent place to start.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: