00000nam 2200000zi 4500 9.892652 CaOODSP 20221107173230 m o d f cr mn||||||||| 201021s2007 onca ob f000 0 eng d CaOODSP eng rda CaOODSP eng eng fre Co24-3/8-2007-3E-PDF Massicotte, Frederic, author. Intrusion detection system (IDS) testing with a packet stimulator system / Frederic Massicotte. Ottawa, ON Canada : Communication Research Centre Canada = Centre des recherches sur les communications Canada, 2007. 1 online resource (iii, 14 pages) : illustrations. text txt rdacontent computer c rdamedia online resource cr rdacarrier CRC technical note ; CRC-TN-2007-003 "Ottawa, March 2007." Digitized edition from print [produced by Innovation, Science and Economic Development Canada]. Includes bibliographical references (pages 13-14). "The relevant commercial product and research literature shows that many techniques may be used to test Intrusion Detection Systems (IDS) that protect computer networks. There are two main techniques for testing IDS detection accuracy: the vulnerability exploitation program approach and the IDS stimulator approach. In the vulnerability exploitation program approach, real attacks are used against real target systems to generate test cases. The currently available solutions are not scalable and they are limited. For instance, the number of vulnerability exploitation programs used in test data sets is often small and the variety of the targeted systems is limited. To overcome this problem an IDS stimulator can be used to generate test cases based on the IDS signature database and to launch the packets corresponding to those signatures against different IDS for testing. However, most current IDS stimulators were developed for attacking IDS and not for IDS testing and evaluation. In this report, we will investigate how an IDS stimulator could generate test cases to identify problems in the IDS configuration or engine and to identify new IDS evasion techniques. To prove this approach, we developed a new enhanced IDS stimulator that we used against Snort and we identified configuration problems and potential evasion techniques when used against intrusion detection systems"--Abstract, page i. Issued also in print format. Includes abstracts in English and French. Intrusion detection systems (Computer security) Systèmes de détection d'intrusion (Sécurité informatique) Communications Research Centre (Canada), issuing body. CRC technical note ; no. 2007-003. (CaOODSP)9.882494 PDF 992 KB https://publications.gc.ca/collections/collection_2020/isde-ised/Co24/Co24-3-8-2007-3-eng.pdf