1999 DARPA off-line intrusion detection evaluation

Computer Networks

Volumn 34, Issue 4, 2000, Pages 579-595

  Lippmann, Richard ^a   Haines, Joshua W ^a   Fried, David J ^a   Korba, Jonathan ^a   Das, Kumar ^a  

^a MIT LINCOLN LABORATORY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CONGESTION CONTROL (COMMUNICATION); DATA PRIVACY; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; NETWORK PROTOCOLS; SECURITY OF DATA; SIGNAL DETECTION; TELECOMMUNICATION TRAFFIC; UNIX;

INTRUSION DETECTION SYSTEMS; SOFTWARE PACKAGE WINDOWS;

WORLD WIDE WEB;

EID: 0034301517     PISSN: 13891286     EISSN: None     Source Type: Journal    
DOI: 10.1016/S1389-1286(00)00139-0     Document Type: Article

References (24)

1. J. Allen, A. Christie, W. Fithen, J. McHugh, J. Pickel, E. Stoner, State of the practice of intrusion detection technologies, Carnegie Mellon University/Software Engineering Institute Technical Report CMU/SEI-99-TR-028, January 2000.
2. E.G. Amoroso, Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response, Intrusion.Net Books, 1999.
3. K. Das, The development of stealthy attacks to evaluate intrusion detection systems, S.M. Thesis, MIT Department of Electrical Engineering and Computer Science, June 2000.
4. H. Debar, M. Dacier, A. Wespi, S. Lampart, An experimental workbench for intrusion detection systems, Research Report RZ 2998 (#93044), IBM Research Division, Zurich Research Laboratory, 8803 Ruschlikon, Switzerland, 9 March 1999, http://www.zurich.ibm.com/Technology/Security/extern/gsal/docs/index.html.
5. Durst R., Champion T., Witten B., Miller E., Spagnuolo L. Testing and evaluating computer intrusion detection systems. Communications of the ACM. 42:1999;53-61.
6. C. Elkan, Results of the KDD'99 Classifier Learning Contest, Sponsored by the International Conference on Knowledge Discovery in Databases, September 1999, http://www-cse.ucsd.edu/users/elkan/clresults.html.
7. A.K. Ghosh, A. Schwartzbard, A study in using neural networks for anomaly and misuse detection, in: Proceedings of the USENIX Security Symposium, 23-26 August 1999, Washington, DC, http://www.rstcorp.com/simanup/.
8. S. Jajodia, D. Barbara, B. Speegle, N. Wu, Audit Data Analysis and Mining (ADAM), project described in http://www.isse.gmu.edu/simdbarbara/adam.html, April 2000.
9. K. Kendall, A database of computer attacks for the evaluation of intrusion detection systems, S.M. Thesis, MIT Department of Electrical Engineering and Computer Science, June 1999.
10. J. Korba, Windows NT attacks for the evaluation of intrusion detection systems, S.M. Thesis, MIT Department of Electrical Engineering and Computer Science, June 2000.
11. R.P. Lippmann, David J. Fried, Isaac Graf, Joshua W. Haines, Kristopher R. Kendall, David McClung, Dan Weber, Seth E. Webster, Dan Wyschogrod, Robert K. Cunningham, Marc A. Zissman, Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation, in: Proceedings of the 2000 DARPA Information Survivability Conference and Exposition (DISCEX), vol. 2, IEEE Press, New York, January 2000.
12. R.P. Lippmann, R.K. Cunningham, Guide to creating stealthy attacks for the 1999 DARPA off-line intrusion detection evaluation, MIT Lincoln Laboratory Project Report IDDE-1, June 1999.
13. P. Neumann, P. Porras, Experience with EMERALD to DATE, in: Proceedings of the First USENIX Workshop on Intrusion Detection and Network Monitoring, Santa Clara, CA, April 1999, pp. 73-80, http://www.sdl.sri.com/emerald/index.html.
14. Northcutt S. Network Intrusion Detection; An Analysis Handbook. 1999;New Riders, Indianapolis.
15. T.H. Ptacek, T.N. Newsham, Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection, Secure Networks, Inc. Report, January 1998.
16. Puketza N., Zhang K., Chung M., Mukherjee B., Olsson R.A. A methodology for testing intrusion detection systems. IEEE Transactions on Software Engineering. 22:1996;719-729.
17. N. Puketza, M. Chung, R.A. Olsson, B. Mukherjee, A software platform for testing intrusion detection systems, IEEE Software (September/October 1997) 43-51.
18. A. Schwartzbard, A.K. Ghosh, A study in the feasibility of performing host-based anomaly detection on Windows NT, in: Proceedings of the Second Recent Advances in Intrusion Detection (RAID 1999) Workshop, West Lafayette, IN, 7-9 September 1999.
19. R. Sekar, P. Uppuluri, Synthesizing fast intrusion prevention/detection systems from high-level specifications, in: Proceedings of the Eighth Usenix Security Symposium, Washington, DC, August 1999, http://rcs-sgi.cs.iastate.edu/sekar/abs/usenixsec99.htm.
20. G. Shipley, Intrusion detection, take two, Network Computing, 15 November 1999, http://www.nwc.com/1023/10231.html.
21. D. Song, G. Shaffer, M. Undy, Nidsbench - A network intrusion detection system test suite, in: The Second International Workshop on Recent Advances in Intrusion Detection (RAID), September 1999, http://www.anzen.com/research/nidsbench/nidsbench-slides/nidsbench-slides.html.
22. M. Tyson, P. Berry, N. Williams, D. Moran, D. Blei, DERBI: Diagnosis, Explanation and Recovery from Computer Break-Ins, project described in http://www.ai.sri.com/simderbi/, April 2000.
23. G. Vigna, S.T. Eckmann, R.A. Kemmerer, The STAT tool suite, in: Proceedings of the 2000 DARPA Information Survivability Conference and Exposition (DISCEX), IEEE Press, New York, January 2000.
24. G. Vigna, R. Kemmerer, NetSTAT: A network-based intrusion detection system, Journal of Computer Security 7(1) (1999).