The Community for Technology Leaders
Simulation Symposium, Annual (2005)
San Diego, California, USA
Apr. 4, 2005 to Apr. 6, 2005
ISSN: 1080-241X
ISBN: 0-7695-2322-6
pp: 204-213
Fabian Monrose , Johns Hopkins University
Ryan Caudy , Johns Hopkins University
Darren Davis , Johns Hopkins University
Lucas Ballard , Johns Hopkins University
Seny Kamara , Johns Hopkins University
ABSTRACT
We present a discrete-event network simulator, called Simnet, designed specifically for analyzing network-security protocols. The design and implementation is focused on simplicity of abstraction and extensibility. Moreover, its modular architecture allows operators to dynamically customize running simulations. To demonstrate its strengths we present cases studies that focus on examining security-centric problem domains. In particular, we present an analysis of worm propagation modeling for worms with varying target selection algorithms on topologies representing a few million hosts. Additionally, we examine the use of countermeasures such as aggregate congestion control as a defense against DDoS attacks, and present analysis for a variant called direct-Pushback. Lastly, we provide an empirical analysis of the computational and bandwidth overhead induced by proposed security extensions to DNS. These experiments hopefully illustrate that Simnet is not only scalable and efficient, but provides a viable platform for prototyping and analyzing non-trivial security protocols — a task which we argue cannot be easily accomplished elsewhere.
INDEX TERMS
null
CITATION
Fabian Monrose, Ryan Caudy, Darren Davis, Lucas Ballard, Seny Kamara, "An Extensible Platform for Evaluating Security Protocols", Simulation Symposium, Annual, vol. 00, no. , pp. 204-213, 2005, doi:10.1109/ANSS.2005.11
82 ms
(Ver 3.3 (11022016))