Simulation Symposium, Annual (2005)
San Diego, California, USA
Apr. 4, 2005 to Apr. 6, 2005
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ANSS.2005.11
Seny Kamara , Johns Hopkins University
Darren Davis , Johns Hopkins University
Lucas Ballard , Johns Hopkins University
Ryan Caudy , Johns Hopkins University
Fabian Monrose , Johns Hopkins University
We present a discrete-event network simulator, called Simnet, designed specifically for analyzing network-security protocols. The design and implementation is focused on simplicity of abstraction and extensibility. Moreover, its modular architecture allows operators to dynamically customize running simulations. To demonstrate its strengths we present cases studies that focus on examining security-centric problem domains. In particular, we present an analysis of worm propagation modeling for worms with varying target selection algorithms on topologies representing a few million hosts. Additionally, we examine the use of countermeasures such as aggregate congestion control as a defense against DDoS attacks, and present analysis for a variant called direct-Pushback. Lastly, we provide an empirical analysis of the computational and bandwidth overhead induced by proposed security extensions to DNS. These experiments hopefully illustrate that Simnet is not only scalable and efficient, but provides a viable platform for prototyping and analyzing non-trivial security protocols — a task which we argue cannot be easily accomplished elsewhere.
F. Monrose, R. Caudy, D. Davis, L. Ballard and S. Kamara, "An Extensible Platform for Evaluating Security Protocols," Proceedings. 38th Annual Simulation Symposium(ANSS), San Diego, CA, USA, 2005, pp. 204-213.