Network security systems have unique testing requirements. Like other systems, they need to be tested to ensure that they perform as expected, and to specify the conditions under which they might fail. However, unlike other systems, the data required to perform such testing is not easily or publicly available. In this paper we present the requirements for appropriate network traces for testing such systems, along with the challenges of creating public network traces. We make recommendations for tackling these challenges and suggest approaches to developing a public suite of network traces for use by the security community.