Methodology of a network simulation in the context of an evaluation: application to an IDS

Abstract : This paper presents a methodology for the evaluation of network services security and the security of protection products. This type of evaluation is an important activity, considering the ever-increasing number of security incidents in networks. Those evaluations can present different challenges with a variety of properties to verify and an even larger number of tools available to compose and orchestrate together. The chosen approach in the paper is to simulate scenarios to perform traffic generation containing both benign and malicious actions against services and security products, that can be used separately or conjointly in attack simulations. We use our recently proposed method to generate evaluation data. This methodology highlights the preparation efforts from the evaluator to choose an appropriate data generating function and make topology choices. The paper presents the case and discusses the experimental results of an evaluation of a network-based IDS, with only benign traffic, only malicious traffic, and mixed traffic
Complete list of metadatas

Cited literature [12 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-02176684
Contributor : Pierre-Marie Bajan <>
Submitted on : Monday, July 8, 2019 - 1:49:08 PM
Last modification on : Wednesday, July 17, 2019 - 1:36:19 AM

File

Article_ICISSP.pdf
Files produced by the author(s)

Identifiers

Citation

Pierre-Marie Bajan, Christophe Kiennert, Hervé Debar. Methodology of a network simulation in the context of an evaluation: application to an IDS. ICISSP 2019: 5th International Conference on Information Systems Security and Privacy, Feb 2019, Prague, Czech Republic. pp.378-388, ⟨10.5220/0007378603780388⟩. ⟨hal-02176684⟩

Share

Metrics

Record views

17

Files downloads

5