Abstract: Evaluation has been the traditional means of providing assurance. The Common Criteria (CC) defines a Protection Profile (PP) that defines the security environments and specifies the security requirements and protections of the product to be evaluated. The security environments consist of assumptions, threats and organizational security policies, so the editor of the PP must describe the threats for the PP. In this study we propose a new method for the description of the threats for the PP by introducing the concept of the assets protected by Target of Evaluations (TOE) and show some merits by applying that concept to the Network-based Intrusion Detection System (NIDS).