Authors:
Pierre-Marie Bajan
1
;
Christophe Kiennert
2
and
Herve Debar
2
Affiliations:
1
IRT SystemX, Palaiseau and France
;
2
Telecom SudParis, Orsay and France
Keyword(s):
Evaluation Methodology, Cybersecurity, Network Simulation.
Related
Ontology
Subjects/Areas/Topics:
Computer-Supported Education
;
Enterprise Information Systems
;
Information Systems Analysis and Specification
;
Information Technologies Supporting Learning
;
Internet Technology
;
Intrusion Detection and Response
;
Security
;
Security and Privacy
;
Web Information Systems and Technologies
Abstract:
This paper presents a methodology for the evaluation of network services security and the security of protection products. This type of evaluation is an important activity, considering the ever-increasing number of security incidents in networks. Those evaluations can present different challenges with a variety of properties to verify and an even larger number of tools available to compose and orchestrate together. The chosen approach in the paper is to simulate scenarios to perform traffic generation containing both benign and malicious actions against services and security products, that can be used separately or conjointly in attack simulations. We use our recently proposed method to generate evaluation data. This methodology highlights the preparation efforts from the evaluator to choose an appropriate data generating function and make topology choices. The paper presents the case and discusses the experimental results of an evaluation of a network-based IDS, with only benign tra
ffic, only malicious traffic, and mixed traffic.
(More)