In this paper, a modeling and simulation framework is proposed for generating data for training and testing intrusion detection systems. The framework can develop models of web usage from web server logs in a data driven fashion and the actual traffic is generated by employing the web browser installed on the host. Additionally, we employed an intrusion detection system as a traffic analyzer to validate the synthetic data that the framework generated and compared it against the standard intrusion detection system benchmark data, namely KDD 99 datasets. Keywords Network Security, Intrusion Detection, Traffic Modeling, Markov Models, Self-Organizing Maps
Hilmi Günes Kayacik, A. Nur Zincir-Heywood