Title :
Network Traffic Emulation for IDS Evaluation
Author :
Yang, Wang ; Gong, Jian ; Ding, Wei ; Wu, Xiong
Author_Institution :
Southeast Univ., Nanjing
Abstract :
The network traffic emulation is used in generating background traffic for IDSs evaluation. The Background traffic can be used to evaluate the false positive level and the performance of the misuse IDSs and help training normal behavior profiles for anomaly IDSs. Currently the emulation methods for the background traffic are either restricted by the performance bottleneck of the software and hardware, or lack of the semantic of flow and session. So they can ´t satisfy the IDS evaluation requirement in highspeed network environment. After analyzing the requirement of IDSs evaluation and the characteristics of network traffic, this paper proposes a differential equation model of active flow rate. Based on the equation, a structural simulation model of network flow is constructed and used in the network traffic emulation for IDS evaluation. This model is both simple for high performance and similar to the reality. The experiments show that the model proposed can generate traffic both realistic and controllable.
Keywords :
security of data; active flow rate; background traffic; differential equation model; intrusion detection systems evaluation; network traffic emulation; Automatic testing; Communication system traffic control; Computer science; Differential equations; Emulation; Intrusion detection; Parallel processing; Performance analysis; Telecommunication traffic; Traffic control;
Conference_Titel :
Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on
Conference_Location :
Liaoning
Print_ISBN :
978-0-7695-2943-1
DOI :
10.1109/NPC.2007.125
