1st International ICST Conference on Performance Evaluation Methodologies and Tools

Research Article

A realistic simulation of internet-scale events

  • @INPROCEEDINGS{10.1145/1190095.1190131,
        author={Songjie  Wei and Jelena  Mirkovic},
        title={A realistic simulation of internet-scale events},
        proceedings={1st International ICST Conference on Performance Evaluation Methodologies and Tools},
        keywords={Invasive software worms simulation and modeling distributed simulation},
  • Songjie Wei
    Jelena Mirkovic
    Year: 2012
    A realistic simulation of internet-scale events
    DOI: 10.1145/1190095.1190131
Songjie Wei1,*, Jelena Mirkovic1,*
  • 1: Department of Computer and Information Sciences, University of Delaware, Newark, DE 19716
*Contact email: weis@cis.udel.edu, sunshine@cis.udel.edu


Internet-scale security incidents are becoming increasingly common, and the researchers need tools to replicate and study them in a controlled setting. Current network simulators, mathematical event models and testbed emulation cannot faithfully replicate events at such a large scale. They either omit or simplify the relevant features of the Internet environment to meet the scale challenge, thus compromising fidelity. We present a distributed worm spread simulator, called PAWS, that builds a realistic Internet model, including the AS-level topology, the limited link bandwidths, and the legitimate traffic patterns. PAWS can support diversity of Internet participants at any desired granularity, because it simulates each vulnerable host individually. Faithful replication of Internet environment, its diversity and its interaction with the simulated event, all lead to a high-fidelity simulation that can be used to study event dynamics and evaluate possible defenses. While PAWS is customized for worm spread simulation, it is a modular large-scale simulator with a realistic Internet model, that can be easily extended to simulate other Internet-scale events.