Title :
On Testing of Implementation Correctness of Protocol Based Intrusion Detection Systems
Author_Institution :
Coll. of Comput. & Digital Media, DePaul Univ., Chicago, IL, USA
Abstract :
Intrusion Detection Systems (IDSs) are important components in the strategy of defense in depth for network security. Whether an IDS detects intrusions correctly or not depends on the correctness of both its design and the implementation. A survey of the literatures over the last decade reveals various methodologies for the evaluation and testing of network intrusion detection algorithms. However most of these efforts focus on signature based and anomaly based network IDSs. There is another approach of detection known as protocol based detection or protocol anomaly detection. In this paper, we propose an approach for testing the correctness of implementations of protocol based intrusion detection systems. We demonstrate that by adapting protocol conformance testing methodologies we can effectively test the correctness of the implementations.
Keywords :
protocols; security of data; network intrusion detection algorithm; network security; protocol anomaly detection; protocol based detection; protocol based intrusion detection system; protocol conformance testing methodology; Adaptation models; Intrusion detection; Law; Presses; Protocols; Testing; Communication protocols; Intrusion Detection Systems; Network Security; Protocol Conformance Testin; Protocol Engineering;
Conference_Titel :
Software Engineering Research, Management and Applications (SERA), 2011 9th International Conference on
Conference_Location :
Baltimore, MD
Print_ISBN :
978-1-4577-1028-5
DOI :
10.1109/SERA.2011.26
