Abstract
Intrusion Detection Systems (IDSs) are an important defense tool against the sophisticated and ever-growing network attacks. With this in mind, the research community has been immersed in the field of IDSs over the past years more than before. Still, assessing and comparing performance between different systems and algorithms remains one of the biggest challenges in this research area. IDSs need to be evaluated and compared against high quality datasets; nevertheless, the existing ones have become outdated or lack many essential requirements. We present the Intrusion Detection Dataset Toolkit (ID2T), an approach for creating out-of-the-box labeled datasets that contain user defined attacks. In this paper, we discuss the essential requirements needed to create synthetic, yet realistic, datasets with user defined attacks. We also present typical problems found in synthetic datasets and propose a software architecture for building tools that can cope with the most typical problems. A publicly available prototype, is implemented and evaluated. The evaluation comprises a performance analysis and a quality assessment of the generated datasets. We show that our tool can handle large amounts of network traffic and that it can generate synthetic datasets without the problems or shortcomings we identified in other datasets.
Original language | English |
---|---|
Title of host publication | Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium |
Editors | Sema Oktug Badonnel, Mehmet Ulema, Cicek Cavdar, Lisandro Zambenedetti Granville, Carlos Raniery P. dos Santos |
Number of pages | 6 |
Publisher | IEEE |
Publication date | 30 Jun 2016 |
Pages | 1209-1214 |
Article number | 7502989 |
ISBN (Electronic) | 9781509002238 |
DOIs | |
Publication status | Published - 30 Jun 2016 |
Externally published | Yes |
Event | 2016 IEEE/IFIP Network Operations and Management Symposium, NOMS 2016 - Istanbul, Turkey Duration: 25 Apr 2016 → 29 Apr 2016 |
Conference
Conference | 2016 IEEE/IFIP Network Operations and Management Symposium, NOMS 2016 |
---|---|
Country/Territory | Turkey |
City | Istanbul |
Period | 25/04/2016 → 29/04/2016 |
Series | Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium |
---|
Bibliographical note
Publisher Copyright:© 2016 IEEE.