Accession Number:

ADA621880

Title:

An Experimental Exploration of the Impact of Sensor-Level Packet Loss on Network Intrusion Detection

Descriptive Note:

Final rept. Aug 2012-Mar 2015

Corporate Author:

ARMY RESEARCH LAB ABERDEEN PROVING GROUND MD COMPUTATIONAL AND INFORMATION SCIENCES DIRECTORATE

Report Date:

2015-07-01

Pagination or Media Count:

36.0

Abstract:

In this report we consider the problem of sensor-level packet loss SLPL as it applies to network intrusion detection. We explore 2 research questions 1 Is there sufficient regularity in SLPL to allow an algorithm to be developed to model it and 2 Is the impact of SLPL on network intrusion detection performance sufficiently regular to allow a formula to be developed that will accurately predict the effect We developed and validated the Pcapreplay program, which allowed us to characterize the manifestation of SLPL. We conducted experiments using Pcapreplay and Snort to explore the impact of SLPL. We graphed and analyzed this impact against our previous theoretical work. We conducted experiments using Pcapreplay and Snort to measure the impact on network intrusion detection. We graphed the alert loss rate against the packet loss rate. We compared these graphs to our previous theoretical work. We used nonlinear regression analysis to produce a formula with r-squared and reduced chi-squared values close enough to 1 for us to answer both of our research questions in the affirmative.

Subject Categories:

  • Computer Programming and Software
  • Computer Hardware
  • Computer Systems Management and Standards
  • Radio Communications

Distribution Statement:

APPROVED FOR PUBLIC RELEASE