Presentation 2018-09-07
A Consideration of Evaluation Dataset for Malware Detection System
Hisashi Takahara,
PDF Download Page PDF download Page Link
Abstract(in Japanese) (See Japanese page)
Abstract(in English) Today, while internet cyber-attacks are increasing, protection against the cyber-attacks have become indispensable. Among these, Network-based Intrusion Detection (NIDS) is a system that detects intrusions by focusing on traffic data. In terms of evaluation of NIDS methods, there are PCAP data which is raw traffic data and session data which is summarized by session units. There are two-types in NIDS. One detects malware before intrusion and the other detects malware after intrusion. Evaluations that use PCAP data are able to be used for an evaluation of intrusion detection and on the other hand evaluations that use session data mainly are used for an evaluation of infection detection. Because evaluations that use session data need to wait for the session to finish when preparing data. Thus the data sets for evaluation have uses suited to each type, but to our knowledge, there is no literature that discusses this. Accordingly, this paper separates the data sets by type and examines sorts of evaluations suited to each type. Furthermore, in this paper, we summarize the problems by type in preparing the data sets, and we also refers to data collection methods in actual networks by type.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) KDD Cup 1999 Data / Kyoto2016 Data / Intrusion Detection System / PCAP type / Session type
Paper # IN2018-33
Date of Issue 2018-08-30 (IN)

Conference Information
Committee IN / NS / CS
Conference Date 2018/9/6(2days)
Place (in Japanese) (See Japanese page)
Place (in English) Research Institute of Electrical Communication, Tohoku Univ.
Topics (in Japanese) (See Japanese page)
Topics (in English) Session Management (SIP/IMS), Interoperability/Standardization, NGN/NwGN/Future Networks, Cloud/Data Center Networks, SDN (OpenFlow, etc.)/NFV, IPv6, Machine Learning, etc.
Chair Takuji Kishida(NTT-AT) / Yoshikatsu Okazaki(NTT) / Hidenori Nakazato(Waseda Univ.)
Vice Chair Kenji Ishida(Hiroshima City Univ.) / Akihiro Nakao(Univ. of Tokyo) / Jun Terada(NTT)
Secretary Kenji Ishida(KDDI Research) / Akihiro Nakao(KDDI Research) / Jun Terada(NTT)
Assistant / Kenichi Kashibuchi(NTT) / Kazutaka Hara(NTT) / Kentaro Toyoda(Keio Univ.)

Paper Information
Registration To Technical Committee on Information Networks / Technical Committee on Network Systems / Technical Committee on Communication Systems
Language JPN
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) A Consideration of Evaluation Dataset for Malware Detection System
Sub Title (in English)
Keyword(1) KDD Cup 1999 Data
Keyword(2) Kyoto2016 Data
Keyword(3) Intrusion Detection System
Keyword(4) PCAP type
Keyword(5) Session type
1st Author's Name Hisashi Takahara
1st Author's Affiliation University of NIIGATA PREFECTURE(UNP)
Date 2018-09-07
Paper # IN2018-33
Volume (vol) vol.118
Number (no) IN-207
Page pp.pp.65-69(IN),
#Pages 5
Date of Issue 2018-08-30 (IN)