
Establishing an Environment-Aware Performance Evaluation Benchmark for Intrusion Detection Systems

Environment-Dependent Benchmark on Intrusion Detection Systems

Advisor: 田筱榮

Abstract


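This thesis examines the performance analysis of intrusion detection systems. Network intrusions occur continually, and both malicious and non-destructive intrusions should be kept out of the protected system. Whether the protected system can recognize the various intrusion behaviors and deny them entry is something network administrators must consider, so choosing an intrusion detection system suited to the operating environment is an important decision. Different application environments call for different intrusion detection systems, so we propose a method for establishing a benchmark for testing intrusion detection system performance, to support comparative evaluation of intrusion detection systems. First, Survivable Network Analysis is applied to the target network environment to analyze its survivability and to identify the targets that may be attacked and the attack methods that can be used against them; a vulnerability database supplies the necessary attacks, from which the attack behavior is generated. For background traffic, we use a record-and-replay method to produce normal network traffic as the network's background traffic. In this thesis we take an e-commerce network and a campus network as the target environments. We generate the corresponding performance evaluation benchmarks using denial-of-service attacks, in order to understand how the characteristics of network traffic affect DoS attack methods and the detection capability of intrusion detection systems, as a basis for choosing which intrusion detection system to deploy.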

Parallel Abstract


The main goal of this thesis is to evaluate the performance of intrusion detection systems. Because network intrusions have been increasing in frequency, not only intentional intrusions but also non-destructive intrusions should not be allowed to enter the protected systems. However, for protected systems, system administrators must consider whether they can identify every intrusion and deny it entry to those systems. Thus, how to select a proper intrusion detection system for a specified network environment becomes an important decision. Depending on the properties of the application environment, we should employ different intrusion detection systems. Thus, we present a new approach for testing intrusion detection systems in order to analyze their performance. First, we use Survivable Network Analysis to analyze the network environment's survivability, finding all targets that can be attacked and all attack approaches that can be used on them. Then, we use these approaches, which are supported by a vulnerability database, to generate attacks, and we use a record-and-replay approach to generate normal background traffic. In this thesis, we take electronic commerce networks and campus information systems as test targets. Programs that utilize DoS are our main attack tools, and we use them to evaluate whether the performance of intrusion detection systems is influenced, which can help us select proper intrusion detection systems.

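Cited by

陳俊宏 (2002). Environment-Dependent Intrusion Detection System Test Platform [Master's thesis, Chung Yuan Christian University]. Airiti Library. https://doi.org/10.6840/cycu200200354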
