TU Darmstadt / ULB / TUbiblio

Towards the creation of synthetic, yet realistic, intrusion detection datasets (best paper award)

Vasilomanolakis, Emmanouil ; Garcia Cordero, Carlos ; Milanov, Nikolay ; Mühlhäuser, Max (2016)
Towards the creation of synthetic, yet realistic, intrusion detection datasets (best paper award).
Istanbul, Turkey
doi: 10.1109/NOMS.2016.7502989
Conference publication, Bibliography

Abstract

Intrusion Detection Systems (IDSs) are an important defense tool against the sophisticated and ever-growing network attacks. With this in mind, the research community has been immersed in the field of IDSs over the past years more than before. Still, assessing and comparing performance between different systems and algorithms remains one of the biggest challenges in this research area. IDSs need to be evaluated and compared against high-quality datasets; nevertheless, the existing ones have become outdated or lack many essential requirements. We present the Intrusion Detection Dataset Toolkit (ID2T), an approach for creating out-of-the-box labeled datasets that contain user-defined attacks. In this paper, we discuss the essential requirements needed to create synthetic, yet realistic, datasets with user-defined attacks. We also present typical problems found in synthetic datasets and propose a software architecture for building tools that can cope with the most typical problems. A publicly available prototype is implemented and evaluated. The evaluation comprises a performance analysis and a quality assessment of the generated datasets. We show that our tool can handle large amounts of network traffic and that it can generate synthetic datasets without the problems or shortcomings we identified in other datasets.

Item type: Conference publication
Published: 2016
Author(s): Vasilomanolakis, Emmanouil ; Garcia Cordero, Carlos ; Milanov, Nikolay ; Mühlhäuser, Max
Type of entry: Bibliography
Title: Towards the creation of synthetic, yet realistic, intrusion detection datasets (best paper award)
Language: German
Publication year: April 2016
Publisher: IEEE
Book title: IEEE/IFIP Workshop on Security for Emerging Distributed Network Technologies (DISSECT)
Event location: Istanbul, Turkey
DOI: 10.1109/NOMS.2016.7502989
Uncontrolled keywords: - SSI - Area Secure Smart Infrastructures; Secure Services
ID number: TUD-CS-2016-0034
Department(s)/field(s): 20 Department of Computer Science
20 Department of Computer Science > Telecooperation
LOEWE
LOEWE > LOEWE Centres
LOEWE > LOEWE Centres > CASED – Center for Advanced Security Research Darmstadt
Date deposited: 31 Dec 2016 12:59
Last modified: 14 Jun 2021 06:14