Intrusion detection testing and benchmarking methodologies

Proceedings - 1st IEEE International Workshop on Information Assurance, IWIA 2003

Volumn , Issue , 2003, Pages 63-72

  Athanasiades, N ^a   Abler, R ^a   Levine, J ^a   Owen, H ^a   Riley, G ^a  

^a GEORGIA INSTITUTE OF TECHNOLOGY   (United States)

Author keywords

Benchmark testing; Communication system traffic control; Conferences; Feeds; Intrusion detection; System testing; Telecommunication traffic; Traffic control; Training data; USA Councils

Indexed keywords

FEEDING; TELECOMMUNICATION TRAFFIC; TRAFFIC CONTROL;

BENCHMARK TESTING; COMMUNICATION SYSTEM TRAFFIC; CONFERENCES; SYSTEM TESTING; TRAINING DATA; USA COUNCILS;

INTRUSION DETECTION;

EID: 84942240686     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IWIAS.2003.1192459     Document Type: Conference Paper

References (49)

1. Abily, V. and Ducasse, M., "Benchmarking a distributed intrusion detection system based on ASAX: Preliminary results" Extended abstract presented at RAID 2000.
2. Zhnag, K. "A Methodology for Testing Intrusion Detection Systems," M.S. Thesis, University of California at Davis, May 1993.
3. Champion, Terrence and Denz, Mary L., "A Benchmark Evaluation Network Intrusion Detection Systems", IEEE 2001.
4. Champion, Terrence G. and Durst, Robert S. "Air Force Intrusion Detection System Evaluation", www.raid-symposiom.org
5. Cunningham, R. K.; Lippmann, R. P.; Fried, D. J.; Garfinkel, S. L.; Graf, I., Kendal, K. R.; Webster, S. E.; Wyschogrod, D. and Zissman, M. A. "Evaluating Intrusion Detection Systems without Attacking your Friends: The 1998 DARPA Intrusion Detection Evaluation", In Proceedings of the Third Conference and Workshop on Intrusion Detection and Response (SANS 1999).
6. Kendall, K., "A Database of Computer Attacks for the Evaluations of Intrusion Detection Systems", M.S. Thesis, MIT Department of Electrical Engineering and Computer Science, June 1999.
7. Korba, J., "Windows NT Attacks for the Evaluation of Intrusion Detection Systems" M. S. Thesis, MIT Department of Electrical Engineering and Computer Science, June 2000.
8. Lippman, Richard; Haines, Joshua W.; Fried, David J. and Korba, Jonathan, "The 1999 DARPA Off-Line Intrusion Detection Evaluation"
9. Lippman, Richard; Haines, Joshua W.; Fried, David J.; Korba, Jonathan and Das, K., "The 1999 DARPA Off-Line Intrusion Detection Evaluation", Computer Network, 34(4):579-595.
10. Lippmann, Richard P.; Cunnigham, Robert K.; Fried, David J.; Graf, Isaac; Kendall, Kris R.; Webster, Seth E.; Zissman, Marc A. "Results of the DARPA 1998 Offline Intrusion Detection Evaluation", www.ll.mit.edu/IST/pubs.
11. Lippmann, Richard P.; Fried, David J.; Gaf, Isaac; Haines, Joshua W.; Kendall, Hristopher R.; McClung, David; Weber, Dan; Webster, Seth E; Wyschogrod, Day; Cunningham, Robert K. and Zissman, Marc A., "Evaluating Intrusion Detection Systems: The 1998 DARPA Off-Line Intrusion Detection Evaluation", In Proceeding of the DARPA Information Survivability Conference and Exposition: DISCEX-200,.Volume 2. Los Alamitos, California: IEE Computer Society , 25-27 January 2000, pp. 12-26, Hilton Head Island, South Carolina.
12. Lippmann, Richard P.; Graf, Isaac; Wyschogrod, Dan; Webster, Seth E.; Weber, Dan J. and Gorton, Sam, "The 1998 DARPA/AFRL Off-Line Intrusion Detection Evaluation," First International Workshop on Recent Advances in Intrusion Detection (RAID), Louvain-la-Neuve, Belgium, 1998.
13. st International conference on Dependable Systems & Networks. New York, New York, USA: IEEE, 25-28 June 2000, pp.623-630.
14. Maxion, Roy A., "Measuring Intrusion Detection Systems. Web proceedings of the First International Workshop on Recent Advances in Intrusion Detection (RAID'98), www.raid-symposium.org/raid98
15. McHugh, John, "Testing Intrusion Detection Systems: A Critique of the 1998 and 199 DARPA Intrusion Detection System Evaluations as Performed by Lincoln Laboratory", ACM Transactions on Information and System Security, Vol. 3, no. 4, November 2000, pp. 262-294.
16. Me, Ludovic and Michel, Cedric, "Intrusion Detection: A Bibliography", Technical Report SSIR-2001-01, September, 2001.
17. Mell, P. "Acquiring and Deploying Intrusion detection Systems", National Institute of Standards and technology's Information Technology Laboratory bulletin.
18. Puketza, Nicholas J.; Chung, Mandy; Olsson, Ronald A and Mukherjee, Biswanath, "A Software Platform for Testing Intrusion Detection Systems", IEEE Software, September/October, 1997, 43-51.
19. thNatrional Computer Security Conference: Baltimore, MD, October, 1994.
20. thNatrional Computer Security Conference, Vol. 1, pp.1-10, October, 1994.
21. Puketza, Nicholas J.; Zhang, Kui; Chung, Mandy; Mukherjee, Biswanath and Olsson, Ronald A., "A methodology for Testing Intrusion Detection Systems", IEEE Transactions on Software Engineering, 22, 1996, pp. 719-729.
22. Ranum, Marcus J., "Experiences Benchmarking Intrusion detection Systems", www.nfr.com, 5 May 2002.
23. Rossey, Lee M.; Rabek, Jesse C.; Cunningham, Robert K.; Fried, David J.; Lippmann, Rich P. and Zissman, Marc A. " LARIAT: Lincoln Adaptive Real-time Information Assurance Testbed", presentation in RAID 2001, 10 October 2001.
24. http://www.der-keiler.de/Mailing-Lists/securityfocus/focus-IDsystem/2002-01/0081.html (7/2/2002)
25. http://www.antara.net/home.html (7/2/2002)
26. Haines, Joshua W., Rossey, Lee M., Lippman, Richard P., Cunningham, Robert K., "Extending the DARPA Off-Line Intrusion Detection Evaluations", In the Proceedings of DISCEX 2001, June 11-12, Anaheim, CA.
27. http://www.nwfusion.com/techinsider/2002/0624security1.html (7/1/2002)
28. Loscocco, Peter A, ; Smalley, Stephen D.; Muckelbauer, Patrick A.; Taylor, Ruth C.; Turner; S. Jeff and Farell, John F. "The inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments", National Security Agency
29. http://www.hping.org/ (7/5/2002)
30. Ptacek, Thomas H. and Newsham, Timothy N. " Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-98.html#cit6 (7/5/2002)
31. http://securityresponse.symantec.com/avcenter/security/Content/2000-06-01.html (7/5/2002)
32. http://www.roland-riegel.de/nload/index-en.html (7/5/2002)
33. www.netpref.org (7/5/2002)
34. http://dast.nlanr.net/Projects/Iperf/ (7/5/2002)
35. http://www.webattack.com (7/6/2002)
36. http://www.hackingexposed.com/tools/tools.html (7/6/2002)
37. http://www.physnet.unihamburg.de/physnet/security/vulnerability/synk4.html (7/6/2002)
38. http://packetstormsecurity.nl/UNIX/IDS/nidsbench/nidsbench.html (7/6/2002)
39. http://www.cawnetworks.com/product/index.shtml (7/6/2002)
40. http://www.shmoo.com/mail/ids/oct99/msg00474.html (6/30/2002)
41. "Intrusion Detection Systems: Group Test (Edition 2)" The NSS Group, Oakwood House, Wennington, Cambridge, PE28 2LX, England, UK: www.nss.co.uk (7/12/2002)
42. http://www.shmoo.com/cctf/ (7/16/2002)
43. http://www.hsc.fr/ressources/outils/idswakeup/index.html.en (7/16/2002)
44. http://archives.neohapsis.com/archives/sf/ids/2001-q2/0316.html (7/16/2002)
45. http://cebu.mozcom.com/riker/iptraf/about.html (7/16/2002)
46. Das, J. Kumar "Attack Development for Intrusion Detection Evaluation " M. S. Thesis, MIT Department of Electrical Engineering and Computer Science, June 2000.
47. http://tcpreplay.sourceforge.net/
48. [Marty, Raffael, "THOR: A Tool to Test Intrusion Detection Systems by Variation of Attacks", Diploma Thesis Swiss Federal Institute of Technology Zurich, March 2002.
49. http://www.insecure.org/tools.html (7/2/2002