A methodology for testing intrusion detection systems

Intrusion detection systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, the authors have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software t...

Bibliographic details
Published in: IEEE transactions on software engineering 1996-10, Vol.22 (10), p.719-729
Main authors: Puketza, N.J., Zhang, K., Chung, M., Mukherjee, B., Olsson, R.A.
Format: Article
Language: eng
container_end_page 729
container_issue 10
container_start_page 719
container_title IEEE transactions on software engineering
container_volume 22
creator Puketza, N.J.
Zhang, K.
Chung, M.
Mukherjee, B.
Olsson, R.A.
description Intrusion detection systems (IDSs) attempt to identify unauthorized use, misuse, and abuse of computer systems. In response to the growth in the use and development of IDSs, the authors have developed a methodology for testing IDSs. The methodology consists of techniques from the field of software testing which they have adapted for the specific purpose of testing IDSs. They identify a set of general IDS performance objectives which is the basis for the methodology. They present the details of the methodology, including strategies for test-case selection and specific testing procedures. They include quantitative results from testing experiments on the Network Security Monitor (NSM), an IDS developed at UC Davis. They present an overview of the software platform that has been used to create user-simulation scripts for testing experiments. The platform consists of the UNIX tool expect and enhancements that they have developed, including mechanisms for concurrent scripts and a record-and-replay feature. They also provide background information on intrusions and IDSs to motivate their work.
doi_str_mv 10.1109/32.544350
format Article
publisher New York, NY: IEEE
coden IESEDJ
rights 1997 INIST-CNRS
Copyright Institute of Electrical and Electronics Engineers, Inc. (IEEE) Oct 1996
tpages 11
fulltext fulltext_linktorsrc
identifier ISSN: 0098-5589
ispartof IEEE transactions on software engineering, 1996-10, Vol.22 (10), p.719-729
issn 0098-5589
1939-3520
language eng
recordid cdi_ieee_primary_544350
source IEEE Electronic Library (IEL)
subjects Access control
Access to information
Applied sciences
Computational modeling
Computer networks
Computer science; control theory; systems
Computer security
Computer simulation
Computer systems performance. Reliability
Computerized monitoring
Cybersecurity
Data encryption
Exact sciences and technology
Experiments
Expert systems
Intrusion detection
Intrusion detection systems
Methods
National security
Security systems
Simulation
Software
Software engineering
Software packages
Software testing
Studies
System testing
Testing
title A methodology for testing intrusion detection systems
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-16T18%3A15%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20methodology%20for%20testing%20intrusion%20detection%20systems&rft.jtitle=IEEE%20transactions%20on%20software%20engineering&rft.au=Puketza,%20N.J.&rft.date=1996-10-01&rft.volume=22&rft.issue=10&rft.spage=719&rft.epage=729&rft.pages=719-729&rft.issn=0098-5589&rft.eissn=1939-3520&rft.coden=IESEDJ&rft_id=info:doi/10.1109/32.544350&rft_dat=%3Cproquest_RIE%3E11062940%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=195565128&rft_id=info:pmid/&rft_ieee_id=544350&rfr_iscdi=true