ACM Transactions on Information and System Security (TISSEC)
Generating Representative Traffic for Intrusion Detection System Benchmarking
CNSR '05 Proceedings of the 3rd Annual Communication Networks and Services Research Conference
Intrusion detection based on "hybrid" propagation in Bayesian Networks
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Similarity-based classification using specific features in network intrusion detection
AsiaCSN '08 Proceedings of the Fifth IASTED International Conference on Communication Systems and Networks
Hi-index | 0.00 |
In this paper, we employed two machine learning algorithms – namely, a clustering and a neural network algorithm – to analyze the network traffic recorded from three sources. Of the three sources, two of the traffic sources were synthetic, which means the traffic was generated in a controlled environment for intrusion detection benchmarking. The main objective of the analysis is to determine the differences between synthetic and real-world traffic, however the analysis methodology detailed in this paper can be employed for general network analysis purposes. Moreover the framework, which we employed to generate one of the two synthetic traffic sources, is briefly discussed.