Journal
COMPUTERS & SECURITY
Volume 73, Issue -, Pages 411-424Publisher
ELSEVIER ADVANCED TECHNOLOGY
DOI: 10.1016/j.cose.2017.11.004
Keywords
Network security; Dataset; IDS; Network traffic; Netflow
Categories
Funding
- Spanish Govemment-MINECO (Ministerio de Economia y Competitividad)
- FEDER funds [TIN2014-60346-R]
Ask authors/readers for more resources
The evaluation of algorithms and techniques to implement intrusion detection systems heavily rely on the existence of well designed datasets. In the last years, a lot of efforts have been done toward building these datasets. Yet, there is still room to improve. In this paper, a comprehensive review of existing datasets is first done, making emphasis on their main shortcomings. Then, we present a new dataset that is built with real traffic and up-to-date attacks. The main advantage of this dataset over previous ones is its usefulness for evaluating IDSs that consider long-term evolution and traffic periodicity. Models that consider differences in daytime/nighttime or weekdays/weekends can also be trained and evaluated with it. We discuss all the requirements for a modem IDS evaluation dataset and analyze how the one presented here meets the different needs. (C) 2017 Elsevier Ltd. All rights reserved.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available