Open Access Article

Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS) to Zero-Day and Stealth Attacks

1
School of Engineering and Information Technology, Australian Defence Force Academy, University of New South Wales, Canberra 2052, Australia
2
School of Data and Computer Science, Sun Yat-Sen University, Guangzhou 510006, China
*
Author to whom correspondence should be addressed.
Academic Editor: Sherali Zeadally
Future Internet 2016, 8(3), 29; https://doi.org/10.3390/fi8030029
Received: 13 April 2016 / Revised: 2 June 2016 / Accepted: 24 June 2016 / Published: 5 July 2016
(This article belongs to the Special Issue Cyber Warfare)
The Windows Operating System (OS) is the most popular desktop OS in the world, as it has the majority market share of both servers and personal computing necessities. However, as its default signature-based security measures are ineffectual for detecting zero-day and stealth attacks, it needs an intelligent Host-based Intrusion Detection System (HIDS). Unfortunately, a comprehensive data set that reflects the modern Windows OS’s normal and attack surfaces is not publicly available. To fill this gap, this paper introduces two open data sets generated by the cyber security department of the Australian Defence Force Academy (ADFA), namely: the Australian Defence Force Academy Windows Data Set (ADFA-WD); and the Australian Defence Force Academy Windows Data Set with a Stealth Attacks Addendum (ADFA-WD: SAA). Statistical analysis results based on these data sets show that, due to the low footprints of modern attacks and the high similarity of normal and attacked data, both these data sets are complex, and the design of highly intelligent Host-based Anomaly Detection Systems (HADS) will be required.
Keywords: operating system; kernel; auditing; anomaly; low footprint attacks

MDPI and ACS Style

Haider, W.; Creech, G.; Xie, Y.; Hu, J. Windows Based Data Sets for Evaluation of Robustness of Host Based Intrusion Detection Systems (IDS) to Zero-Day and Stealth Attacks. Future Internet 2016, 8, 29.
