Open Access Article
Future Internet 2016, 8(3), 29; doi:10.3390/fi8030029

Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS) to Zero-Day and Stealth Attacks

1 School of Engineering and Information Technology, Australian Defence Force Academy, University of New South Wales, Canberra 2052, Australia
2 School of Data and Computer Science, Sun Yat-Sen University, Guangzhou 510006, China
* Author to whom correspondence should be addressed.
Academic Editor: Sherali Zeadally
Received: 13 April 2016 / Revised: 2 June 2016 / Accepted: 24 June 2016 / Published: 5 July 2016
(This article belongs to the Special Issue Cyber Warfare)

Abstract

The Windows Operating System (OS) is the most popular desktop OS in the world, as it has the majority market share of both servers and personal computing necessities. However, as its default signature-based security measures are ineffectual for detecting zero-day and stealth attacks, it needs an intelligent Host-based Intrusion Detection System (HIDS). Unfortunately, a comprehensive data set that reflects the modern Windows OS’s normal and attack surfaces is not publicly available. To fill this gap, this paper introduces two open data sets generated by the cyber security department of the Australian Defence Force Academy (ADFA), namely the Australian Defence Force Academy Windows Data Set (ADFA-WD) and the Australian Defence Force Academy Windows Data Set with a Stealth Attacks Addendum (ADFA-WD: SAA). Statistical analysis results based on these data sets show that, due to the low footprints of modern attacks and the high similarity of normal and attacked data, both data sets are complex, and a highly intelligent Host-based Anomaly Detection System (HADS) design will be required.
Keywords: operating system; kernel; auditing; anomaly; low footprint attacks
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. (CC BY 4.0).

MDPI and ACS Style

Haider, W.; Creech, G.; Xie, Y.; Hu, J. Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS) to Zero-Day and Stealth Attacks. Future Internet 2016, 8, 29.

Future Internet, EISSN 1999-5903, published by MDPI AG, Basel, Switzerland