Abstract: This paper discusses in detail, the benchmark test system for network-based intrusion detection systems(NIDS) we developed. The system designs a new network attack description language called NADL1.0 which can describe all the network attack activities in a unified way to form the database of test scripts. Furthermore, the system simulates the attacking host, sacrificed host and background traffic host based on the synthesized architecture to realize the real creation of attacking sessions and its fusion sending with background traffics.

Key words: intrusion detection system, benchmark test, network attack description language, synthesized architecture, background traffic