Testing CAB-IDS Through Mutations: On the Identification of Network Scans
Fecha de publicación
Springer Science + Business Media
Knowledge-Based Intelligent Information and Engineering Systems Lecture Notes in Computer Science. Lecture Notes in Computer Science. Volumen 4252, pp. 433-441.
This study demonstrates the ability of powerful visualization tools (based on the use of connectionist models) to identify network intrusion attempts in an effective and reliable manner. It presents a novel technique to test and evaluate a previously developed network-based intrusion detection system (IDS). This technique applies mutant operators and is intended to test IDSs using numerical data sets. It should be made clear that some mutations were discarded as they did not all provide real life situations. As an application example of the proposed testing model, it has been specially applied to the identification of network scans and mutations of these. The tested Connectionist Agent-Based IDS (CAB-IDS) is used as a method to investigate the traffic which travels along the analysed network, detecting anomalous traffic patterns. The specific tests performed in this study were based on the mutation of one or several variables analysed by CAB-IDS.
978-3-540-46537-9 (Print) / 978-3-540-46539-3 (Online)
0302-9743 (Print) / 1611-3349 (Online)
- BISITE. Congresos