
Modeling and Implementation Approach to Evaluate the Intrusion Detection System

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 9466)

Abstract

Intrusion detection systems (IDSs) are systems that try to detect attacks as they occur or after they are over. Research in this area has two objectives: first, reducing the impact of attacks, and second, evaluating the IDS itself. On the one hand, IDSs collect network traffic information from sources present in the network or the computer system and then use these data to enhance the system's safety. On the other hand, evaluating an IDS is a critical task. It is important to note the difference between evaluating the effectiveness of an entire system and evaluating the characteristics of the system's components. In this paper, we present an approach to IDS evaluation based on measuring the performance of its components. First, in order to implement the components of the SNORT IDS safely, we propose a hardware platform based on embedded systems. We then test it using a traffic and attack generator based on Kali Linux (BackTrack) and the Metasploit 3 Framework. The results obtained show that IDS performance is closely related to the characteristics of these components.



Author information


Correspondence to Sara Chadli.


© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Saber, M., Chadli, S., Emharraf, M., El Farissi, I. (2015). Modeling and Implementation Approach to Evaluate the Intrusion Detection System. In: Bouajjani, A., Fauconnier, H. (eds) Networked Systems. NETYS 2015. Lecture Notes in Computer Science, vol 9466. Springer, Cham. https://doi.org/10.1007/978-3-319-26850-7_41


  • DOI: https://doi.org/10.1007/978-3-319-26850-7_41


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26849-1

  • Online ISBN: 978-3-319-26850-7

  • eBook Packages: Computer Science (R0)
