350 rub
Journal Highly available systems №2 for 2011 г.
Article in number:
Popper-s criterion vs. information security research
Keywords: intrusion detection methodology
Authors:
D.Y. Gamayunov
Abstract:
Popper-s falsifiability criterion helps us to distinguish between scientific and non-scientific theories. In this paper we try to discuss whether this criterion is applicable to the information security research, especially to the intrusion detection and malware research field. In fact, the designated research field seems to fail to satisfy the falsifiability criterion, because it lacks practice of publishing raw experimental data which is used to prove the theories. Existing public datasets like KDD Cup-99 dataset and VX Heavens virus dataset are outdated. At the same time new malware analysis projects tend to keep their datasets private. The conclusion is scientific community should pay more attention to creating and maintaining public open datasets of malware and any kinds of computer attacks related data
Pages: 90-92
References
  1. Поппер К. Логика и рост научного знания. М.: Прогрес. 1983.
  2. Отчёты NSS Labs по системам обнаружения атак. [WWW] http://www.nsslabs.com/research/network-security/network-ips/
  3. KDD Cup 1999 Data. [WWW] http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html
  4. Terry Brugger, KDD Cup-99 dataset considered harmful. UC Davis, 2007. [WWW] http://www.bruggerink.com/~zow/GradSchool/KDDCup99Harmful.html
  5. VX Heavens. Computer virus collection. [WWW] http://vx.netlux.org/vl.php
  6. CWSandbox. Malware analysis system. [WWW] http://mwanalysis.org/
  7. Anubis: Analyzing Unknown Binaries [WWW] http://anubis.iseclab.org/
  8. Wepawet [WWW] http://wepawet.cs.ucsb.edu/