Conference paper

Attack-test and verification systems, steps towards verifiable anomaly detection

Document type
Text/Conference Paper
Date
2013
Source
INFORMATIK 2013 – Informatik angepasst an Mensch, Organisation und Umwelt
Regular Research Papers
Publisher
Gesellschaft für Informatik e.V.
Abstract
Botnet, network malware and anomaly detection algorithms are hard to evaluate and compare against each other due to different data sets. In some cases overspecialization on known malware gives high detection rates due to unknown artifacts in the training data set. This may lead to new malware going unnoticed on a network, because the detection algorithm has not been optimized for this case. Our proposal is a new, work-in-progress approach to generate parameterized and randomized testing data sets on the fly. We plan to couple this with an automatic verification system to assess the quality of detection algorithms without internal knowledge of their workings. We hope to encourage discussion to enhance the draft of our idea and especially to go into more detail on our work in progress.
Description
Fourné, Marcel; Petersen, Dominique; Pohlmann, Norbert (2013): Attack-test and verification systems, steps towards verifiable anomaly detection. INFORMATIK 2013 – Informatik angepasst an Mensch, Organisation und Umwelt. Bonn: Gesellschaft für Informatik e.V. PISSN: 1617-5468. ISBN: 978-3-88579-614-5. pp. 2213-2224. Regular Research Papers. Koblenz. 16.-20. September 2013