Network Traffic Emulation for IDS Evaluation

  • Authors:
  • Wang Yang;Jian Gong;Wei Ding;Xiong Wu

  • Affiliations:
  • Southeast University, Nanjing, Jiangsu, China;Southeast University, Nanjing, Jiangsu, China;Southeast University, Nanjing, Jiangsu, China;Southeast University, Nanjing, Jiangsu, China

  • Venue:
  • NPC '07 Proceedings of the 2007 IFIP International Conference on Network and Parallel Computing Workshops
  • Year:
  • 2007

Abstract

Network traffic emulation is used to generate background traffic for IDS evaluation. Background traffic can be used to evaluate the false positive level and the performance of misuse IDSs, and to help train normal behavior profiles for anomaly IDSs. Current emulation methods for background traffic are either restricted by the performance bottlenecks of software and hardware, or lack flow and session semantics, so they cannot satisfy the requirements of IDS evaluation in high-speed network environments. After analyzing the requirements of IDS evaluation and the characteristics of network traffic, this paper proposes a differential equation model of the active flow rate. Based on this equation, a structural simulation model of network flow is constructed and used in network traffic emulation for IDS evaluation. The model is both simple enough for high performance and close to reality. The experiments show that the proposed model can generate traffic that is both realistic and controllable.