Research Article
Application-level simulation for network security
@INPROCEEDINGS{10.4108/ICST.SIMUTOOLS2008.2961, author={Rainer Bye and Stephan Schmidt and Katja Luther and Sahin Albayrak}, title={Application-level simulation for network security}, proceedings={1st International ICST Conference on Simulation Tools and Techniques for Communications, Networks and Systems}, publisher={ICST}, proceedings_a={SIMUTOOLS}, year={2010}, month={5}, keywords={Network simulation network security}, doi={10.4108/ICST.SIMUTOOLS2008.2961} }- Rainer Bye
Stephan Schmidt
Katja Luther
Sahin Albayrak
Year: 2010
Application-level simulation for network security
SIMUTOOLS
ICST
DOI: 10.4108/ICST.SIMUTOOLS2008.2961
Abstract
We introduce and describe a novel network simulation tool called NeSSi (Network Security Simulator). NeSSi incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Its capabilities such as profilebased automated attack generation, traffic analysis and interface support for the plug-in of detection algorithms allow it to be used for security research and evaluation purposes. NeSSi has been utilized for testing intrusion detection algorithms, conducting network security analysis, and developing distributed security frameworks at the application level. NeSSi is built upon the agent componentware framework JIAC [5], resulting in a distributed and easy-toextend architecture. In this paper, we provide an overview of the NeSSi architecture and briefly demonstrate its usage in three example security research projects. These projects comprise of evaluation of stand-alone detection unit performance, detection device deployment at central nodes in the network and comparison of different detection algorithms.