The base-rate fallacy and its implications for the difficulty of intrusion detection
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
ACM Transactions on Information and System Security (TISSEC)
Computer Networks: The International Journal of Computer and Telecommunications Networking
A high-throughput path metric for multi-hop wireless routing
Proceedings of the 9th annual international conference on Mobile computing and networking
Generating realistic workloads for network intrusion detection systems
WOSP '04 Proceedings of the 4th international workshop on Software and performance
Secure Routing and Intrusion Detection in Ad Hoc Networks
PERCOM '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications
Hi-index | 0.00 |
Testing Intrusion Detection Systems (IDS) has been a substantial part of the development lifecycle, since the first prototypes and products appeared on the market. Unfortunately, many of the existing principles, procedures and systematic frameworks for testing IDS are not broad enough to cover systems which are focussed on mobile adhoc networks (MANETs). As a baseline, this paper expands the most important requirements for IDS testing to MANET environments. Two alternative testbed realization approaches are described, including a common example scenario for comparing the properties of the approaches. One approach is based on hardware nodes, reproducible physical motion and radio signal attenuation; the other uses both hardware and virtual nodes and a motion emulation framework that is able to incorporate arbitrary radio propagation models. A selection of MANET specific attacks and their implementation and impact on both types of testbeds is presented. These attacks are beyond the threats that we know from conventional wired networks, which still need to be taken care of in MANETs. Finally, the advantages of both test bed approaches are discussed. As a conclusion, a deployment strategy for testing MANET IDS under different conditions is derived.