Generating realistic workloads for network intrusion detection systems

Spyros Antonatos, Kostas G. Anagnostakis, Evangelos P. Markatos
2004 Software engineering notes  
The goal of this study is to determine how to generate realistic workloads for nIDS performance evaluation.  ...  While the use of network intrusion detection systems (nIDS) is becoming pervasive, evaluating nIDS performance has been found to be challenging.  ...  The typical function of a Network Intrusion Detection System (nIDS) is based on a set of signatures, each describing one known intrusion threat.  ... 
doi:10.1145/974043.974078 fatcat:mcgv7fbgr5gj5dizlhefsrx6di

Generating realistic workloads for network intrusion detection systems

Spyros Antonatos, Kostas G. Anagnostakis, Evangelos P. Markatos
2004 Software engineering notes  
The goal of this study is to determine how to generate realistic workloads for nIDS performance evaluation.  ...  While the use of network intrusion detection systems (nIDS) is becoming pervasive, evaluating nIDS performance has been found to be challenging.  ...  The typical function of a Network Intrusion Detection System (nIDS) is based on a set of signatures, each describing one known intrusion threat.  ... 
doi:10.1145/974044.974078 dblp:conf/wosp/AntonatosAM04 fatcat:ydilhdsldfamvkrixbazthrmku

On Benchmarking Intrusion Detection Systems in Virtualized Environments [article]

Aleksandar Milenkoski and Samuel Kounev and Alberto Avritzer and Nuno Antunes and Marco Vieira
2014 arXiv   pre-print
Modern intrusion detection systems (IDSes) for virtualized environments are deployed in the virtualization layer with components inside the virtual machine monitor (VMM) and the trusted host virtual machine  ...  Finally, we outline future research directions in the area of benchmarking VMM-based IDSes and of intrusion detection in virtualized environments in general.  ...  As part of our work, we plan to provide concrete solutions for the presented challenges and to study promising intrusion detection techniques and methods for generation of malicious workloads, for example  ... 
arXiv:1410.1160v1 fatcat:ivg4ostfcncezfnrqq34bo5baq

Comparative Study of Datasets used in Cyber Security Intrusion Detection

Rahul Yadav, Phalguni Pathak, Saumya Saraswat
2020 International Journal of Scientific Research in Computer Science Engineering and Information Technology  
For evaluation of network intrusion detection systems, many benchmark data sets were developed a decade ago.  ...  In this paper, we provide a focused literature survey of data sets used for network based intrusion detection and characterize the underlying packet and flow-based network data in detail used for intrusion  ...  For simulation in network intrusion detection systems, OPNET and NetSim are commonly used tools. Fig. 4 Block Diagram of Network Based IDS IV.  ... 
doi:10.32628/cseit2063103 fatcat:xz7imau25bhpvmg2jdmhz7e4py

A Characterization of High-Performance Network Monitoring Systems and Workloads

Siddhartha Bunga, Tilman Wolf
2007 2007 Workshop on High Performance Switching and Routing  
These results give us an understanding of how much system resources are necessary to support measurement in next-generation high-performance networks.  ...  It is important to obtain a detailed understanding of the system architectures and workloads associated with packet measurement.  ...  The PacketBench statistics for Snort were graciously provided by Chia-Hui Tai.  ... 
doi:10.1109/hpsr.2007.4281259 fatcat:huvo2v6sljasjdqbxdcysoflai

Distributed network anomaly detection on an event processing framework

Atanas Pamukchiev, Simon Jouet, Dimitrios P. Pezaros
2017 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC)  
Network Intrusion Detection Systems (NIDS) are an integral part of modern data centres to ensure high availability and compliance with Service Level Agreements (SLAs).  ...  In this paper, we propose a novel approach to distributed intrusion detection systems based on the architecture of recently proposed event processing frameworks.  ...  To evaluate the system with a realistic workload, traffic and packet distribution the anonymized dataset univ1 from IMC 2010 - Network Traffic Characteristics of Data Centers in the Wild has been used  ... 
doi:10.1109/ccnc.2017.7983209 dblp:conf/ccnc/PamukchievJP17 fatcat:hfwg2flzxzcb5or7sylvungcsi

Detecting insider attacks in medical cyber–physical networks based on behavioral profiling

Weizhi Meng, Wenjuan Li, Yu Wang, Man Ho Au
2018 Future generations computer systems  
In this work, we focus on the detection of malicious devices in MSNs and design a trust-based intrusion detection approach based on behavioral profiling.  ...  Special Administrative Region Highlights • A trust-based mechanism is built to detect insider nodes via behavioral profiling. • We select four mobile and networking features to establish behavioral  ...  ., [8] ) has shown that trust-based intrusion detection systems (IDSs) are a promising solution.  ... 
doi:10.1016/j.future.2018.06.007 fatcat:r6lcc6sgbvbepccn3ostmupi3u

Generating Client Workloads and High-Fidelity Network Traffic for Controllable, Repeatable Experiments in Computer Security [chapter]

Charles V. Wright, Christopher Connelly, Timothy Braje, Jesse C. Rabek, Lee M. Rossey, Robert K. Cunningham
2010 Lecture Notes in Computer Science  
In this paper, we present techniques for making experiments involving security and client-side desktop applications like web browsers, PDF readers, or host-based firewalls or intrusion detection systems  ...  Rigorous scientific experimentation in system and network security remains an elusive goal.  ...  [20] , uses similar techniques for building profiles of user behavior, and uses scripted templates to generate data sets for testing intrusion detection systems.  ... 
doi:10.1007/978-3-642-15512-3_12 fatcat:ar5gzzu7yvcdtff2ymlclglbz4

A methodology for evaluating runtime support in network processors

Xin Huang, Tilman Wolf
2006 Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems - ANCS '06  
Traditionally, network processor applications have been optimized for a single static workload scenario, but recently several approaches for run-time adaptation have been proposed.  ...  In this paper, we present a model for network processors that can aid in evaluating different run-time support systems.  ...  We provide examples from realistic applications and network traces and provide a mechanism for generating synthetic workloads that can be used in benchmarks. • Queuing Model for Analytic Evaluation of  ... 
doi:10.1145/1185347.1185363 dblp:conf/ancs/HuangW06 fatcat:7azb6niku5ha3lwnisljyebb34

Study of Machine Learning for Cloud Assisted IoT Security as a Service

Maram Alsharif, Danda B. Rawat
2021 Sensors  
Machine learning (ML) has been emerging as a viable solution for intrusion detection systems (IDS) to secure IoT devices against different types of attacks.  ...  ML based IDS (ML-IDS) normally detect network traffic anomalies caused by known attacks as well as newly introduced attacks.  ...  For intrusion detection systems, extracting features from a connection's packets is a fundamental activity for building, testing, and running the system.  ... 
doi:10.3390/s21041034 pmid:33546394 fatcat:6uxbwk6e3ncsjloe4vabcncgby

Sword: Scalable and Flexible Workload Generator for Distributed Data Processing Systems

Kay Anderson, Joseph Bigus, Eric Bouillet, Parijat Dube, Nagui Halim, Zhen Liu, Dimitrios Pendarakis
2006 Proceedings of the 2006 Winter Simulation Conference  
Workload generation is commonly employed for performance characterization, testing and benchmarking of computer systems and networks.  ...  We present a Scalable WORkloaD generator (SWORD) that we have developed for the testing and benchmarking of high-volume data processing systems.  ...  For instance, in order to test the analytics of an information processing system for intrusion detection, the challenge may consist of coordinated activities, such as Http, telnet, ftp, which appear innocuous  ... 
doi:10.1109/wsc.2006.323010 dblp:conf/wsc/AndersonBBDHLP06 fatcat:7vznbycconhybmkisf3wpcc3wa

Distributed Intrusion Detection with Intelligent Network Interfaces for Future Networks

Y. Luo, K. Xiang, J. Fan, C. Zhang
2009 2009 IEEE International Conference on Communications  
Intrusion detection remains an important and challenging task in current and next generation networks (NGN).  ...  Through the experimental results, we show the feasibility and performance of distributed intrusion detection in next generation networks.  ...  ACKNOWLEDGMENT The authors thank Justin Latham for his earlier work on this topic.  ... 
doi:10.1109/icc.2009.5198928 dblp:conf/icc/LuoXFZ09 fatcat:7mgzc5gtkbdaxbqsf36l7lnnty

WIND: Workload-Aware INtrusion Detection [chapter]

Sushant Sinha, Farnam Jahanian, Jignesh M. Patel
2006 Lecture Notes in Computer Science  
Intrusion detection and prevention systems have become essential to the protection of critical networks across the Internet.  ...  We argue that for higher performance, IDS and IPS systems should adapt according to the workload, which includes the set of input signatures and the network traffic characteristics.  ...  We thank Evan Cooke and Michael Bailey for providing valuable feedback on the draft and anonymous reviewers for critical and useful comments.  ... 
doi:10.1007/11856214_15 fatcat:6lfg4vvkejbellnrbljv7qztsa

Evaluating Dynamic Task Mapping in Network Processor Runtime Systems

Xin Huang, T. Wolf
2008 IEEE Transactions on Parallel and Distributed Systems  
Traditionally, network processor applications have been optimized for a single static workload scenario, but recently several approaches for runtime adaptation have been proposed.  ...  In this paper, we present a model for network processors that can aid in evaluating different runtime support systems.  ...  We provide examples from realistic applications and network traces and provide a mechanism for generating synthetic workloads that can be used in benchmarks.  ... 
doi:10.1109/tpds.2007.70806 fatcat:bjb5n3bw6behnovstd46x6v7su

Approaches and Challenges in Database Intrusion Detection

Ricardo Jorge Santos, Jorge Bernardino, Marco Vieira
2014 SIGMOD record  
In order to deal with intrusions against database systems, Database Intrusion Detection Systems (DIDS) are frequently used.  ...  The identified weak spots show that most DIDS inadequately deal with many characteristics of specific database systems, such as ad hoc workloads and alert management issues in data warehousing environments  ...  ACKNOWLEDGEMENTS We would like to thank the anonymous reviewers of the ACM SIGMOD Record for their helpful comments.  ... 
doi:10.1145/2694428.2694435 fatcat:wol424wthvfyvfj57g7ikswcnq