Invention Grant
US07941856B2 Systems and methods for testing and evaluating an intrusion detection system
有权
用于测试和评估入侵检测系统的系统和方法
- Patent Title: Systems and methods for testing and evaluating an intrusion detection system
- Patent Title (中): 用于测试和评估入侵检测系统的系统和方法
-
Application No.: US11294585Application Date: 2005-12-05
-
Publication No.: US07941856B2Publication Date: 2011-05-10
- Inventor: Shai A. Rubin , Somesh Jha , Barton P. Miller
- Applicant: Shai A. Rubin , Somesh Jha , Barton P. Miller
- Applicant Address: US WI Madison
- Assignee: Wisconsin Alumni Research Foundation
- Current Assignee: Wisconsin Alumni Research Foundation
- Current Assignee Address: US WI Madison
- Agency: Boyle Fredrickson, S.C.
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F12/14 ; G06F12/16 ; G08B23/00
Abstract:
Systems, methods and devices according to this invention include a plurality of defined modification rules for modifying a sequence of packets that form an attack on an intrusion detection system. These modification rules include both rules that expand the number of packets and rules that reduce the number of packets. The reducing rules can be applied to a given attack instance to identify one or more root attack instances. The expanding rules can then be applied to each root attack instance to generate a corpus of modified attack instances. The modification rules can preserve the semantics of the attack, so that any modified attack instance generated from the given attack instance remains a true attack. To test an intrusion detection system, the corpus of modified attack instances can be used to determine whether an intrusion detection system detects every modified attack instance.
Public/Granted literature
- US20060253906A1 Systems and methods for testing and evaluating an intrusion detection system Public/Granted day:2006-11-09
Information query
