Share Email Print
cover

Proceedings Paper

Realistic computer network simulation for network intrusion detection dataset generation
Author(s): Garrett Payer
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

The KDD-99 Cup dataset is dead. While it can continue to be used as a toy example, the age of this dataset makes it all but useless for intrusion detection research and data mining. Many of the attacks used within the dataset are obsolete and do not reflect the features important for intrusion detection in today's networks. Creating a new dataset encompassing a large cross section of the attacks found on the Internet today could be useful, but would eventually fall to the same problem as the KDD-99 Cup; its usefulness would diminish after a period of time. To continue research into intrusion detection, the generation of new datasets needs to be as dynamic and as quick as the attacker. Simply examining existing network traffic and using domain experts such as intrusion analysts to label traffic is inefficient, expensive, and not scalable. The only viable methodology is simulation using technologies including virtualization, attack-toolsets such as Metasploit and Armitage, and sophisticated emulation of threat and user behavior. Simulating actual user behavior and network intrusion events dynamically not only allows researchers to vary scenarios quickly, but enables online testing of intrusion detection mechanisms by interacting with data as it is generated. As new threat behaviors are identified, they can be added to the simulation to make quicker determinations as to the effectiveness of existing and ongoing network intrusion technology, methodology and models.

Paper Details

Date Published: 11 May 2015
PDF: 14 pages
Proc. SPIE 9494, Next-Generation Robotics II; and Machine Intelligence and Bio-inspired Computation: Theory and Applications IX, 94940V (11 May 2015); doi: 10.1117/12.2180153
Show Author Affiliations
Garrett Payer, ICF International (United States)


Published in SPIE Proceedings Vol. 9494:
Next-Generation Robotics II; and Machine Intelligence and Bio-inspired Computation: Theory and Applications IX
Misty Blowers; Dan Popa; Muthu B. J. Wijesundara, Editor(s)

© SPIE. Terms of Use
Back to Top