Network Traffic Profiling for generating intrusion detection evaluation datasets

Intrusion detection has attracted the attention of many researchers in identifying the ever-increasing issue of intrusive activities. In particular, anomaly detection has been the main focus of many researchers due to its potential in detecting novel attacks. However, its adoption to real-world applications has been hampered due to system complexity as these systems require a substantial amount of testing, evaluation, and tuning prior to deployment. Running these systems over real labeled network traces with a comprehensive and extensive set of intrusions and abnormal behavior is the most idealistic methodology for testing and evaluation. This itself is a significant challenge, since the availability of datasets are extremely rare, because from one side, many such datasets are internal and cannot be shared due to privacy issues, and on the other hand the others are heavily anonymized and do not reflect current trends, or they lack certain statistical characteristics so a perfect dataset is yet to exist. TO BE CONT’D

Faculty Supervisor:

Ali Ghorbani

Student:

Iman Sharafaldin

Partner:

IBM Canada

Discipline:

Computer science

Sector:

Information and communications technologies

University:

University of New Brunswick