METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR MEASURING DETECTION ACCURACY OF A SECURITY DEVICE USING BENIGN TRAFFIC
Abstract
Methods, systems, and computer readable media for measuring detection accuracy of a security device using benign traffic are disclosed. According to one method, the method occurs at an Internet protocol (IP) traffic simulator having a first communications interface and a second communications interface. The method includes sending, by the first communications interface, a plurality of benign data packets to a security device, wherein the plurality of benign data packets is engineered to be similar to one or more malicious data packets. The method also includes receiving, by the second communications interface, zero or more of the plurality of benign data packets via the security device. The method further includes determining, using statistics associated with the plurality of benign data packets, a detection accuracy metric associated with the security device.
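An added illustration of the measurement the abstract describes, not code from the patent: it tallies benign look-alike packets sent on the first interface against those seen on the second and reports the share the device blocked. The packet ids, the template names, and the choice of blocked-benign rate with a Wilson interval as the "detection accuracy metric" are assumptions.

```python
import math
from collections import Counter

def wilson_interval(k, n, z=1.96):
    """Wilson score interval (95% by default) for the proportion k/n."""
    if n == 0:
        return (0.0, 1.0)
    p = k / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * math.sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return (max(0.0, centre - half), min(1.0, centre + half))

def summarize(sent_n, blocked_n):
    """Statistics for one group of benign packets."""
    rate = blocked_n / sent_n if sent_n else 0.0
    return {"sent": sent_n, "blocked": blocked_n,
            "false_positive_rate": rate,
            "ci95": wilson_interval(blocked_n, sent_n)}

def detection_accuracy(sent, received_ids):
    """sent: list of (packet_id, template) pairs sent on the first interface.
    received_ids: packet ids observed on the second interface (zero or more).
    A benign packet that never arrives is counted as blocked (assumption)."""
    template_of = dict(sent)
    if len(template_of) != len(sent):
        raise ValueError("packet ids must be unique")
    received = set(received_ids)
    sent_per = Counter(template_of.values())
    blocked_per = Counter(t for pid, t in template_of.items()
                          if pid not in received)
    return {
        "overall": summarize(len(template_of), sum(blocked_per.values())),
        "by_template": {t: summarize(n, blocked_per[t])
                        for t, n in sent_per.items()},
        # ids seen on interface 2 that were never sent indicate a harness fault
        "unexpected": sorted(received - set(template_of)),
    }

# Constructed sample run: 20 benign packets in two hypothetical look-alike families.
SENT = [(i, "sql-keywords-in-form-text") for i in range(1, 11)] + \
       [(i, "long-repeated-byte-upload") for i in range(11, 21)]
RECEIVED = [1, 2, 3, 4, 5, 6, 7, 8] + list(range(11, 21))

if __name__ == "__main__":
    report = detection_accuracy(SENT, RECEIVED)
    for name, stats in [("overall", report["overall"]), *report["by_template"].items()]:
        print(name, stats)
```

The per-template breakdown shows which look-alike family triggers the device, and the interval shows how little a small run can say about a family with zero blocked packets.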
24 Claims
1. A method for measuring detection accuracy of a security device using benign traffic, the method comprising:
at an Internet protocol (IP) traffic simulator having a first communications interface and a second communications interface:
sending, by the first communications interface, a plurality of benign data packets to a security device, wherein the plurality of benign data packets is engineered to be similar to one or more malicious data packets;
receiving, by the second communications interface, zero or more of the plurality of benign data packets via the security device; and
determining, using statistics associated with the plurality of benign data packets, a detection accuracy metric associated with the security device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A system for measuring detection accuracy of a security device using benign traffic, the system comprising:
an Internet protocol (IP) traffic simulator, the IP traffic simulator comprising:
a first communications interface configured to send a plurality of benign data packets to a security device, wherein the plurality of benign data packets is engineered to be similar to one or more malicious data packets;
a second communications interface configured to receive zero or more of the plurality of benign data packets via the security device; and
a detection accuracy module (DAM) configured to determine, using statistics associated with the plurality of benign data packets, a detection accuracy metric associated with the security device.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23
24. A non-transitory computer readable medium comprising computer executable instructions embodied in a computer readable medium that when executed by a processor of a computer control the computer to perform steps comprising:
at an Internet protocol (IP) traffic simulator having a first communications interface and a second communications interface:
sending, by the first communications interface, a plurality of benign data packets to a security device, wherein the plurality of benign data packets is engineered to be similar to one or more malicious data packets;
receiving, by the second communications interface, zero or more of the plurality of benign data packets via the security device; and
determining, using statistics associated with the plurality of benign data packets, a detection accuracy metric associated with the security device.