Generating realistic workloads for network intrusion detection systems
WOSP '04 Proceedings of the 4th international workshop on Software and performance
A Testbed for Quantitative Assessment of Intrusion Detection Systems using Fuzzy Logic
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Measuring normality in HTTP traffic for anomaly-based intrusion detection
Computer Networks: The International Journal of Computer and Telecommunications Networking
Autonomous decision on intrusion detection with trained BDI agents
Computer Communications
A case study in testing a network security algorithm
Proceedings of the 4th International Conference on Testbeds and research infrastructures for the development of networks & communities
Proceedings of the conference on Design, automation and test in Europe
Hierarchical clustering ensemble algorithm based association rules
WiCOM'09 Proceedings of the 5th International Conference on Wireless communications, networking and mobile computing
Comparing anomaly detection techniques for HTTP
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Plug & execute framework for network traffic generation
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Hybrid detection of application layer attacks using Markov models for normality and attacks
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Proposals on assessment environments for anomaly-based network intrusion detection systems
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Effectiveness evaluation of data mining based IDS
ICDM'06 Proceedings of the 6th Industrial Conference on Data Mining conference on Advances in Data Mining: applications in Medicine, Web Mining, Marketing, Image and Signal Mining
Anomaly detection methods in wired networks: a survey and taxonomy
Computer Communications
N-Gram against the machine: on the feasibility of the n-gram network analysis for binary protocols
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
The ad-hoc methodology that is prevalent in today's testing and evaluation of network intrusion detection algorithms and systems makes it difficult to compare different algorithms and approaches. A survey of the literature on the methods and techniques being used shows that a new approach that incorporates an open source testing methodology and environment would benefit the information assurance community. After summarizing the literature and presenting several example test and evaluation environments that have been used in the past, we propose a new open source evaluation environment and methodology for use by researchers and developers of new intrusion detection and denial of service detection and prevention algorithms and methodologies.