Investigative Profiling with Computer Forensic Log Data and Association Rules
ICDM '02 Proceedings of the 2002 IEEE International Conference on Data Mining
Data mining approaches for intrusion detection
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A key requirement for experimental analysis in the areas of network intrusion and computer forensics is the availability of suitable datasets. However, the inherent security and privacy issues surrounding these disciplines have resulted in a lack of available "test-bed" datasets for testing and evaluation purposes. Typically, the datasets required in these cases are from system log files, containing traces of computer misuse. Therefore, there is obvious potential for the use of synthetically generated log files that can accurately reproduce these traces or patterns of misuse. This paper discusses the development, testing, and evaluation of a dataset generator tool, designed to produce such datasets, particularly those containing patterns of common computer attacks.