Intrusion detection testing and benchmarking methodologies

Author

Athanasiades, Nicholas ; Abler, Randal ; Levine, John ; Owen, Henry ; Riley, George

Author_Institution

Sch. of Electr. & Comput. Eng., Georgia Inst. of Technol., Atlanta, GA, USA

fYear

2003

fDate

24-24 March 2003

Firstpage

63

Lastpage

72

Abstract

The ad-hoc methodology that is prevalent in today´s testing and evaluation of network intrusion detection algorithms and systems makes it difficult to compare different algorithms and approaches. After conducting a survey of the literature on the methods and techniques being used, it can be seen that a new approach that incorporates an open source testing methodology and environment would benefit the information assurance community. After summarizing the literature and presenting several example test and evaluation environments that have been used in the past, we propose a new open source evaluation environment and methodology for use by researchers and developers of new intrusion detection and denial of service detection and prevention algorithms and methodologies.

Keywords

computer crime; computer networks; program testing; public domain software; telecommunication security; benchmarking methodologies; denial of service detection algorithms; hacker tools; information assurance; intrusion detection algorithms; intrusion detection testing; network intrusion detection algorithms; network security; open source evaluation environment; open source testing methodology; Benchmark testing; Communication system traffic control; Conferences; Feeds; Intrusion detection; System testing; Telecommunication traffic; Traffic control; Training data; USA Councils;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Assurance, 2003. IWIAS 2003. Proceedings. First IEEE International Workshop on

Conference_Location

Darmstadt, Germany

Print_ISBN

0-7695-1886-9

Type

conf

DOI

10.1109/IWIAS.2003.1192459

Filename

1192459