• DocumentCode
    2359281
  • Title

    IntruDetector: a software platform for testing network intrusion detection algorithms

  • Author

    Wan, Tao ; Yang, Xue Dong

  • Author_Institution
    Dept. of Comput. Sci., Regina Univ., Sask., Canada
  • fYear
    2001
  • fDate
    10-14 Dec. 2001
  • Firstpage
    3
  • Lastpage
    11
  • Abstract
    An intrusion detection system (IDS), that monitors passively specific computing resources, and reports anomalous or intrusive activities, is becoming an important component in the security system of information infrastructure. Algorithms for detecting intrusions are under rapid development, but far from being mature. One interesting and difficult issue is how to study and test a new intrusion detection algorithm against a variety of (perhaps simulated) intrusive activities under realistic background traffic. A flexible and general-purpose platform for testing intrusion detection algorithms is clearly desirable. This paper presents such a software platform, called IntruDetector. With this platform, detection algorithms can be tested directly in a real environment with a wide range of intrusive activities. The data of normal system activities are directly collected from the live environment, and are mixed with intrusive activities that are simulated by hybrid simulation. The main properties of this approach are: (1) the background traffic is realistic; (2) it allows flexible simulation of various types of intrusions; and (3) normal system operation will not be disrupted by virtually simulated destructive intrusions during testing.
  • Keywords
    authorisation; hybrid simulation; program testing; IDS; IntruDetector; algorithm testing; flexible simulation; hybrid simulation; information infrastructure; intrusion detection system; monitoring; network intrusion detection; realistic background traffic; security information; software platform; Algorithm design and analysis; Data security; Detection algorithms; Face detection; Intrusion detection; Performance analysis; Software algorithms; Software testing; System testing; Traffic control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual
  • Print_ISBN
    0-7695-1405-7
  • Type

    conf

  • DOI
    10.1109/ACSAC.2001.991516
  • Filename
    991516