Dependable Security: Testing Network Intrusion Detection Systems



Bibliographic Information


Network security systems have unique testing requirements. Like other systems, they need to be tested to ensure that they perform as expected, and to specify the conditions under which they might fail. However, unlike other systems, the data required to perform such testing is not easily or publicly available. In this paper we present the requirements for appropriate network traces for testing such systems, along with the challenges of creating public network traces. We make recommendations for tackling these challenges and suggest approaches to developing a public suite of network traces for use by the security community.

Copyright Notice

The definitive version was published in the Proceedings of the Third Workshop on Hot Topics in System Dependability, 2007.