Towards Systematic Signature Testing
Abstract
The success and acceptance of intrusion detection systems depend essentially on the accuracy of their analysis. Inaccurate signatures trigger large numbers of false alarms. In practice, several thousand false alarms per month are reported, which limits the successful deployment of intrusion detection systems. Most intrusion detection systems deployed today apply misuse detection as their detection procedure. Misuse detection compares the recorded audit data with predefined patterns, the signatures. These are mostly developed empirically, based on the experience and knowledge of experts. Methods for systematic development have scarcely been reported so far. A testing and correction phase is required to improve the quality of the signatures. Signature testing is still a rather empirical process, like signature development itself. No test methodology exists so far. In this paper we present first approaches to the systematic testing of signatures. We characterize the test objectives and present different test methods.