Evaluation of the Cisco IOS Firewall with DARPA 99 Dataset


Gunes Kayacik
Nur Zincir-Heywood

Author Addresses: 

Faculty of Computer Science
Dalhousie University
6050 University Ave.
PO Box 15000
Halifax, Nova Scotia, Canada
B3H 4R2


Two open source intrusion detection systems - Snort, Pakemon - and Cisco IOS Firewall with intrusion detection capabilities are benchmarked against DARPA 99 dataset. Performance is characterized using multiple performance metrics. The results show that different tools perform well under different attack categories; hence they can be run at the same time to increase the detection rate of attack instances.

Tech Report Number: 
Report Date: 
November 8, 2002
PDF icon CS-2002-11.pdf62.26 KB