Code Testing

YAIDS is tested using both automated and manual processes. The testing conducted covers functional testing, security testing, and code quality analysis.

Some of the tools utilized for testing include:

In addition to the third-party tools listed above, yaids inclues a test suite.

Test Suite

The test suite includes PCAP files and Yara Rules, and verifies that multiple modes of yaids return the correct alerts and output.

The following modes are tested:

  • Output Mode
  • Silent Mode
  • Default Mode / Re-Processing of the Default Mode output

The following test cases are included in the test suite:

Test Name Test Count Description
test_A 6 HTTP Traffic/Rules
test_B 3 FTP Traffic/Rules
test_C 1 UDP Traffic/Rules
test_D 9 Traffic Attributes (Source, Destination, etc.)
test_E 1 Combined Ruleset
test_F 3 BPF Test

All tests are run three times to ensure consistent results. Additionally, the tests are run using both standard PCAP and PCAPNG files.

NOTE: The PCAP files included for testing purposes are sources from NETRESEC.

Automated Testing Workflows

There are three sets of tests conducted automatically on the yaids/main branch. The statuses of these tests are displayed at the top of the documentation. Furthermore, you can view the historical results for these workflows via GitHub Actions.