International Journal of Networked and Distributed Computing

Volume 4, Issue 1, January 2016, Pages 1 - 10

A Theoretical Exploration of the Impact of Packet Loss on Network Intrusion Detection

Authors
Sidney C. Smith, Robert J. Hammell II, Travis W. Parker, Lisa M. Marvel
Corresponding Author
Sidney C. Smith
Available Online 1 January 2016.
DOI
10.2991/ijndc.2016.4.1.1How to use a DOI?
Keywords
Network Intrusion Detection Packet Loss
Abstract

In this paper we review the problem of packet loss as it pertains to Network Intrusion Detection, seeking to answer two fundamental research questions which are stepping stones towards building a model that can be used to predict the rate of alert loss based upon the rate of packet loss. The first question deals with how the packet loss rate affects the sensor alert rate, and the second considers how the network traffic composition affects the results of the first question. Potential places where packet loss may occur are examined by dividing the problem into network, host, and sensor based packet loss. We posit theories about how packet loss may present itself and develop the Packet Dropper that induces packet loss into a dataset. Drop rates ranging from 0% to 100% are applied to four different datasets and the resulting abridged datasets are analyzed with Snort to collect alert loss rate. Conclusions are drawn about the importance of the distribution of packet loss and the effect of the network traffic composition.

Copyright
© 2017, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

Journal
International Journal of Networked and Distributed Computing
Volume-Issue
4 - 1
Pages
1 - 10
Publication Date
2016/01/01
ISSN (Online)
2211-7946
ISSN (Print)
2211-7938
DOI
10.2991/ijndc.2016.4.1.1How to use a DOI?
Copyright
© 2017, the Authors. Published by Atlantis Press.
Open Access
This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Cite this article

TY  - JOUR
AU  - Sidney C. Smith
AU  - Robert J. Hammell II
AU  - Travis W. Parker
AU  - Lisa M. Marvel
PY  - 2016
DA  - 2016/01/01
TI  - A Theoretical Exploration of the Impact of Packet Loss on Network Intrusion Detection
JO  - International Journal of Networked and Distributed Computing
SP  - 1
EP  - 10
VL  - 4
IS  - 1
SN  - 2211-7946
UR  - https://doi.org/10.2991/ijndc.2016.4.1.1
DO  - 10.2991/ijndc.2016.4.1.1
ID  - Smith2016
ER  -