DocumentCode
2359281
Title
IntruDetector: a software platform for testing network intrusion detection algorithms
Author
Wan, Tao ; Yang, Xue Dong
Author_Institution
Dept. of Comput. Sci., Regina Univ., Sask., Canada
fYear
2001
fDate
10-14 Dec. 2001
Firstpage
3
Lastpage
11
Abstract
An intrusion detection system (IDS), that monitors passively specific computing resources, and reports anomalous or intrusive activities, is becoming an important component in the security system of information infrastructure. Algorithms for detecting intrusions are under rapid development, but far from being mature. One interesting and difficult issue is how to study and test a new intrusion detection algorithm against a variety of (perhaps simulated) intrusive activities under realistic background traffic. A flexible and general-purpose platform for testing intrusion detection algorithms is clearly desirable. This paper presents such a software platform, called IntruDetector. With this platform, detection algorithms can be tested directly in a real environment with a wide range of intrusive activities. The data of normal system activities are directly collected from the live environment, and are mixed with intrusive activities that are simulated by hybrid simulation. The main properties of this approach are: (1) the background traffic is realistic; (2) it allows flexible simulation of various types of intrusions; and (3) normal system operation will not be disrupted by virtually simulated destructive intrusions during testing.
Keywords
authorisation; hybrid simulation; program testing; IDS; IntruDetector; algorithm testing; flexible simulation; hybrid simulation; information infrastructure; intrusion detection system; monitoring; network intrusion detection; realistic background traffic; security information; software platform; Algorithm design and analysis; Data security; Detection algorithms; Face detection; Intrusion detection; Performance analysis; Software algorithms; Software testing; System testing; Traffic control;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual
Print_ISBN
0-7695-1405-7
Type
conf
DOI
10.1109/ACSAC.2001.991516
Filename
991516
Link To Document