Abstract
The current Intrusion Detection System (IDS) technology is a major investment for a firm and its evaluation is desired prior to a commitment. A testbed compares different IDSs on a common platform. A major challenge in evaluating IDSs stems from the fact that they are generally tested in specific environments. A real-world environment could be different from the environment designed for a testbed. The results obtained, from such testbeds, may not be accurate and reliable. Hence, a quantitative and metrics based evaluation of IDSs is desired. We propose Testbed for evaluating Intrusion Detection Systems (TIDeS), that allows a user to select the best IDS for a specific customized environment. A quantitative analysis is provided by TIDeS, using fuzzy logic, under varying network loads. We also propose robust metrics to evaluate an IDS. We follow up with recommendations, based on our experience, on the general practices in the field of IDSs.