%0 Journal Article %1 ring2017creation %A Ring, Markus %A Wunderlich, Sarah %A Grüdl, Dominik %A Landes, Dieter %A Hotho, Andreas %D 2017 %J Journal of Information Warfare %K 2017 dataset detection intrusion myown %N 4 %P 41-54 %T Creation of Flow-Based Data Sets for Intrusion Detection %U https://www.jinfowar.com/journal/volume-16-issue-4/creation-flow-based-data-sets-intrusion-detection %V 16 %X Publicly available labelled data sets are necessary for evaluating anomaly-based Intrusion Detection Systems (IDS). However, existing data sets are often not up-to-date or not yet published because of privacy concerns. This paper identifies requirements for good data sets and proposes an approach for their generation. The key idea is to use a test environment and emulate realistic user behaviour with parameterised scripts on the clients. Comprehensive logging mechanisms provide additional information which may be used for a better understanding of the inner dynamics of an IDS. Finally, the proposed approach is used to generate the flow-based CIDDS-002 data set.

@article{ring2017creation, abstract = {Publicly available labelled data sets are necessary for evaluating anomaly-based Intrusion Detection Systems (IDS). However, existing data sets are often not up-to-date or not yet published because of privacy concerns. This paper identifies requirements for good data sets and proposes an approach for their generation. The key idea is to use a test environment and emulate realistic user behaviour with parameterised scripts on the clients. Comprehensive logging mechanisms provide additional information which may be used for a better understanding of the inner dynamics of an IDS. Finally, the proposed approach is used to generate the flow-based CIDDS-002 data set.}, added-at = {2018-01-31T11:07:05.000+0100}, author = {Ring, Markus and Wunderlich, Sarah and Grüdl, Dominik and Landes, Dieter and Hotho, Andreas}, biburl = {https://www.bibsonomy.org/bibtex/24cdd67ec1dee90095658f31654edf3ae/hotho}, interhash = {7f7e9343f15548875591aeb845367b8a}, intrahash = {4cdd67ec1dee90095658f31654edf3ae}, issn = {1445-3312}, journal = {Journal of Information Warfare}, keywords = {2017 dataset detection intrusion myown}, number = 4, pages = {41-54}, timestamp = {2018-01-31T11:14:31.000+0100}, title = { Creation of Flow-Based Data Sets for Intrusion Detection}, url = {https://www.jinfowar.com/journal/volume-16-issue-4/creation-flow-based-data-sets-intrusion-detection}, volume = 16, year = 2017 }