IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Debugging Parallel Programs with Instant Replay
IEEE Transactions on Computers
Analyzing Partition Testing Strategies
IEEE Transactions on Software Engineering
NADIR: an automated system for detecting network intrusion and misuse
Computers and Security
Tcl and the Tk toolkit
A taxonomy of computer program security flaws
ACM Computing Surveys (CSUR)
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
Art of Software Testing
Exploring Expect
USTAT: A Real-Time Intrusion Detection System for UNIX
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
ACM Transactions on Information and System Security (TISSEC)
DEVS Simulation of distributed intrusion detection systems
Transactions of the Society for Computer Simulation International - Recent advances in DEVS Methodology--part I
A Synthetic Fraud Data Generation Methodology
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
SPANIDS: a scalable network intrusion detection loadbalancer
Proceedings of the 2nd conference on Computing frontiers
Measuring intrusion detection capability: an information-theoretic approach
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Simulating users to support the design of activity management systems
WSC '05 Proceedings of the 37th conference on Winter simulation
A review of information security issues and respective research contributions
ACM SIGMIS Database
Bro: a system for detecting network intruders in real-time
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
International Journal of Information and Computer Security
A Comparative Evaluation of Anomaly Detectors under Portscan Attacks
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Dynamic policy model for target based intrusion detection system
Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human
Evaluation of the diagnostic capabilities of commercial intrusion detection systems
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Performance adaptation in real-time intrusion detection systems
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Comparing anomaly detection techniques for HTTP
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Securing computerised models and data against integrity attacks
International Journal of Electronic Finance
Accuracy improving guidelines for network anomaly detection systems
Journal in Computer Virology
Testing and validating machine learning classifiers by metamorphic testing
Journal of Systems and Software
Development of an attack packet generator applying an NP to the intelligent APS
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
Towards an information-theoretic framework for analyzing intrusion detection systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Methods for testing network-intrusion detection systems
Scientific and Technical Information Processing
Performance analysis of wireless intrusion detection systems
IDCS'12 Proceedings of the 5th international conference on Internet and Distributed Computing Systems
Administrative evaluation of intrusion detection system
Proceedings of the 2nd annual conference on Research in information technology
| Hi-index | 0.00 |
Intrusion Detection Systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, we have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which we have adapted for the specific purpose of testing IDSs. In this paper, we identify a set of general IDS performance objectives which is the basis for the methodology. We present the details of the methodology, including strategies for test-case selection and specific testing procedures. We include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. We present an overview of the software platform that we have used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that we have developed, including mechanisms for concurrent scripts and a record-and-replay feature. We also provide background information on intrusions and IDSs to motivate our work.