Attack-Test and Verification Systems, steps towards verifiable Anomaly Detection

Authors

  • Marcel Fourné
  • Dominique Petersen
  • Norbert Pohlmann
Abstract

Botnet, network malware and anomaly detection algorithms are hard to evaluate and compare against each other due to different data sets. In some cases overspecialization on known malware gives high detection rates due to unknown artifacts in the training data set. This may lead to new malware going unnoticed on a network, because the detection algorithm has not been optimized for this case. Our proposal is a new and work-in-progress approach to generate parameterized and randomized testing data sets on the fly. We plan to couple this with an automatic verification system to assess the quality of detection algorithms without internal knowledge of their workings. We hope to encourage discussion to enhance the draft of our idea and especially to go into more detail on our work in progress.

Similar resources

Anomaly-based Web Attack Detection: The Application of Deep Neural Network Seq2Seq With Attention Mechanism

Today, the use of the Internet and Internet sites has been an integrated part of the people’s lives, and most activities and important data are in the Internet websites. Thus, attempts to intrude into these websites have grown exponentially. Intrusion detection systems (IDS) of web attacks are an approach to protect users. But, these systems are suffering from such drawbacks as low accuracy in ...

Trajectory Boundary Modeling of Time Series for Anomaly Detection

We address the problem of online detection of unanticipated modes of mechanical failure given a small set of time series under normal conditions, with the requirement that the anomaly detection model be manually verifiable and modifiable. We specify a set of time series features, which are linear combinations of the current and past values, and model the allowed feature values by a sequence of ...

A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks

By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...

Assessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing

Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...

Verifiable Secret Sharing with Comprehensive and Efficient Public Verification

VSS (verifiable secret sharing) is an important security protection tool in distributed systems. When VSS is employed in publicly verifiable applications, it needs to achieve public verifiability and be upgraded to PVSS (publicly verifiable secret sharing). Besides the two basic security properties, bindingness and hidingness, PVSS concentrates on public verifiability of validity all the operat...

Publication date: 2013