Methodology of a Network Simulation in the Context of an Evaluation: Application to an IDS

Pierre-Marie Bajan; Christophe Kiennert; Herve Debar

doi:10.5220/0007378603780388

Methodology of a Network Simulation in the Context of an Evaluation: Application to an IDS

Pierre-Marie Bajan, Christophe Kiennert, Herve Debar

2019

Abstract

This paper presents a methodology for the evaluation of network services security and the security of protection products. This type of evaluation is an important activity, considering the ever-increasing number of security incidents in networks. Those evaluations can present different challenges with a variety of properties to verify and an even larger number of tools available to compose and orchestrate together. The chosen approach in the paper is to simulate scenarios to perform traffic generation containing both benign and malicious actions against services and security products, that can be used separately or conjointly in attack simulations. We use our recently proposed method to generate evaluation data. This methodology highlights the preparation efforts from the evaluator to choose an appropriate data generating function and make topology choices. The paper presents the case and discusses the experimental results of an evaluation of a network-based IDS, with only benign traffic, only malicious traffic, and mixed traffic.

Download

Paper Citation

in Harvard Style

Bajan P., Kiennert C. and Debar H. (2019). Methodology of a Network Simulation in the Context of an Evaluation: Application to an IDS.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 378-388. DOI: 10.5220/0007378603780388

in Bibtex Style

@conference{icissp19,
author={Pierre-Marie Bajan and Christophe Kiennert and Herve Debar},
title={Methodology of a Network Simulation in the Context of an Evaluation: Application to an IDS},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={378-388},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007378603780388},
isbn={978-989-758-359-9},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Methodology of a Network Simulation in the Context of an Evaluation: Application to an IDS
SN - 978-989-758-359-9
AU - Bajan P.
AU - Kiennert C.
AU - Debar H.
PY - 2019
SP - 378
EP - 388
DO - 10.5220/0007378603780388