| IDS is an important component of the network security system. With the development and application of IDS, we need to have a scientifically credible test for IDS. It's very difficult to establish an uniform testing method and evaluation criteria for different IDS. Since there is no industry standard for the test and evaluation of IDS, it's urgent to research for the test and evaluation of IDS.This paper gives a brief introduction of IDS firstly, then introduces relevant content of the IDS evaluation, including the IDS evaluation criteria, performance indicators and testing methods; also describes the commonly used IDS testing methods:active testing and passive testing. The advantages and disadvantages also have been analyzed in this thesis, usually there are limitations if only single testing method is used. Therefore, we put forward a test method composed of active test and passive test, and introduce this method based on NIDS test. Our test method make full use of the advantages of the two methods to increase IDS test's accuracy. Finally, according to initial passive testing, targeted active testing and last passive testing in our method, applying our method in the campus network for the testing practices of NIDS is described in detail. In practice, we implement the campus network traffic monitoring and analysis, complete a large number of test cases and initial attempt of the automated testing. By practice, we sum up the advantages of the test method composed of active test and passive test in IDS testing. |
PDF Full Text Request