Testing IDS using GENESIDS: Realistic mixed traffic generation for IDS evaluation


Abstract

Evaluating signature-based Network Intrusion Detection Systems (NIDS) is a necessary but in general difficult task. Often, live or recorded real-world traffic is used. However, real-world network traffic is often hard to come by at larger scale, and the few available traces usually do not contain application layer payload. Furthermore, these traces only contain a small amount of malicious traffic, which does not suffice to thoroughly test a NIDS. We solve this problem by proposing a complete stateful traffic generation system that mixes realistic traffic with user-definable malicious HTTP traffic with the purpose of evaluating a NIDS. By relying on the Snort syntax for traffic definition, we guarantee a large dataset of realistic up-to-date attack patterns.

Cite

Erlacher, F., & Dressler, F. (2018). Testing IDS using GENESIDS: Realistic mixed traffic generation for IDS evaluation. In SIGCOMM 2018 - Proceedings of the 2018 Posters and Demos, Part of SIGCOMM 2018 (pp. 153–155). Association for Computing Machinery, Inc. https://doi.org/10.1145/3234200.3234204
