My mistake. I had not read far enough back on this branch of the
thread and did not realize that it was specifically discussing anomaly
detection. Thank you for clarifying Stefano.

On Fri, Mar 13, 2009 at 3:58 PM, Stefano Zanero <zanero (at) elet.polimi (dot) it [email concealed]> wrote:
> Paul Palmer wrote:
>
>> Isn't this essentially one of the things that NSS does as part of their
>> product reviews?
>
> Nope, it isn't.
>
> NSS's evaluation is essentially targeted at misuse detectors (which are
> the overwhelming majority of commercial products), and does not really
> take into account an appropriate definition of false positives or
> detection rates, because they don't make really sense for misuse detectors.
>
>> Granted, getting your product reviewed is not free, but I think you would
>> find that it is probably cheaper to have NSS perform the evaluation than
>> investing in the infrastructure to do it yourself.
>
> NSS evaluation technique are not suitable for the evaluation of anomaly
> detectors, in particular for academic purposes.
>
> Stefano
>
>
>

[ reply ]