Development and evaluation of a dataset generator tool for generating synthetic log files containing computer attack signatures

Stephen O'Shaughnessy; Geraldine Gray

doi:10.4018/jaci.2011040105

Development and evaluation of a dataset generator tool for generating synthetic log files containing computer attack signatures

Research output: Contribution to journal › Article › peer-review

Abstract

A key requirement for experimental analysis in the areas of network intrusion and computer forensics is the availability of suitable datasets. However, the inherent security and privacy issues surrounding these disciplines have resulted in a lack of available "test-bed" datasets for testing and evaluation purposes. Typically, the datasets required in these cases are from system log files, containing traces of computer misuse. Therefore, there is obvious potential for the use of synthetically generated log files that can accurately reproduce these traces or patterns of misuse. This paper discusses the development, testing, and evaluation of a dataset generator tool, designed to produce such datasets, particularly those containing patterns of common computer attacks.

Original language	English
Pages (from-to)	64-76
Number of pages	13
Journal	International Journal of Ambient Computing and Intelligence
Volume	3
Issue number	2
DOIs	https://doi.org/10.4018/jaci.2011040105
Publication status	Published - Apr 2011

Keywords

Computer forensics
Data mining
Dataset generator
Experimental analysis
Intrusion detection

Access to Document

10.4018/jaci.2011040105

Cite this

@article{52eab8c1bb7d47d881f803d5ca375456,

title = "Development and evaluation of a dataset generator tool for generating synthetic log files containing computer attack signatures",

abstract = "A key requirement for experimental analysis in the areas of network intrusion and computer forensics is the availability of suitable datasets. However, the inherent security and privacy issues surrounding these disciplines have resulted in a lack of available {"}test-bed{"} datasets for testing and evaluation purposes. Typically, the datasets required in these cases are from system log files, containing traces of computer misuse. Therefore, there is obvious potential for the use of synthetically generated log files that can accurately reproduce these traces or patterns of misuse. This paper discusses the development, testing, and evaluation of a dataset generator tool, designed to produce such datasets, particularly those containing patterns of common computer attacks.",

keywords = "Computer forensics, Data mining, Dataset generator, Experimental analysis, Intrusion detection",

author = "Stephen O'Shaughnessy and Geraldine Gray",

year = "2011",

month = apr,

doi = "10.4018/jaci.2011040105",

language = "English",

volume = "3",

pages = "64--76",

journal = "International Journal of Ambient Computing and Intelligence",

issn = "1941-6237",

publisher = "IGI Global Publishing",

number = "2",

}

TY - JOUR

T1 - Development and evaluation of a dataset generator tool for generating synthetic log files containing computer attack signatures

AU - O'Shaughnessy, Stephen

AU - Gray, Geraldine

PY - 2011/4

Y1 - 2011/4

N2 - A key requirement for experimental analysis in the areas of network intrusion and computer forensics is the availability of suitable datasets. However, the inherent security and privacy issues surrounding these disciplines have resulted in a lack of available "test-bed" datasets for testing and evaluation purposes. Typically, the datasets required in these cases are from system log files, containing traces of computer misuse. Therefore, there is obvious potential for the use of synthetically generated log files that can accurately reproduce these traces or patterns of misuse. This paper discusses the development, testing, and evaluation of a dataset generator tool, designed to produce such datasets, particularly those containing patterns of common computer attacks.

AB - A key requirement for experimental analysis in the areas of network intrusion and computer forensics is the availability of suitable datasets. However, the inherent security and privacy issues surrounding these disciplines have resulted in a lack of available "test-bed" datasets for testing and evaluation purposes. Typically, the datasets required in these cases are from system log files, containing traces of computer misuse. Therefore, there is obvious potential for the use of synthetically generated log files that can accurately reproduce these traces or patterns of misuse. This paper discusses the development, testing, and evaluation of a dataset generator tool, designed to produce such datasets, particularly those containing patterns of common computer attacks.

KW - Computer forensics

KW - Data mining

KW - Dataset generator

KW - Experimental analysis

KW - Intrusion detection

UR - https://www.scopus.com/pages/publications/80052898625

U2 - 10.4018/jaci.2011040105

DO - 10.4018/jaci.2011040105

M3 - Article

AN - SCOPUS:80052898625

SN - 1941-6237

VL - 3

SP - 64

EP - 76

JO - International Journal of Ambient Computing and Intelligence

JF - International Journal of Ambient Computing and Intelligence

IS - 2

ER -

Development and evaluation of a dataset generator tool for generating synthetic log files containing computer attack signatures

Abstract

Keywords

Access to Document

Fingerprint

Cite this