Methods for testing network-intrusion detection systems

Authors:
D. A. Khorkov
Affiliations:
Intellectual Systems and Information Safety Regional Scientific-Educational Center, Institute of Mathematics and Computer Sciences, Ural Federal University, Ural, Russia
Venue:
Scientific and Technical Information Processing
Year:
2012

Citing 7
Cited 0

A Methodology for Testing Intrusion Detection Systems

IEEE Transactions on Software Engineering
Testing and evaluating computer intrusion detection systems

Communications of the ACM
The 1999 DARPA off-line intrusion detection evaluation

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory

ACM Transactions on Information and System Security (TISSEC)
Petri Net Theory and the Modeling of Systems

Petri Net Theory and the Modeling of Systems
Testing network-based intrusion detection signatures using mutant exploits

Proceedings of the 11th ACM conference on Computer and communications security
Automatic Evaluation of Intrusion Detection Systems

ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

The key methods for testing network-intrusion detection systems are considered. The advantages and drawbacks of different testing methods are analyzed. The main prerequisites for developing a statistically consistent technique for testing and certification of network intrusion detection systems are formulated. The conclusion is made that it is necessary to develop a model of a complex computer attack that could be used for synthesis of the network traffic of the attacking action.