Tools for Scalable Security Experiments

Sonia Fahmy
Purdue University

Although several solutions to such problems as attacks on inter-domain routing protocols and denial of service (DoS) attacks have been proposed, Internet deployments have been limited. A primary reason for this lack of deployment is that most defenses have not been validated under realistic conditions, or at sufficiently large scales.
Many attacks also have second-order effects that are not well understood.
This is because it is difficult to incorporate all the protocols involved at any reasonable scale in analytical, simulation, or emulation models or testbeds. We discuss two complementary efforts to address the fidelity and scale challenges in security experiments:
(1) Router models: We design high-fidelity yet scalable models for routers and other devices that are based on simple device measurements under a few well-crafted scenarios. (2) Downscaling tools: We explore challenges in simplifying experimental scenarios before studying them using simulation, emulation, or testbed experiments.

Back to Workshop II: Applications of Internet MRA to Cyber-Security