1st International ICST Conference on Simulation Tools and Techniques for Communications, Networks and Systems

Research Article

Application-level simulation for network security

  • @INPROCEEDINGS{10.4108/ICST.SIMUTOOLS2008.2961,
        author={Rainer Bye and Stephan Schmidt and Katja Luther and Sahin Albayrak},
        title={Application-level simulation for network security},
        proceedings={1st International ICST Conference on Simulation Tools and Techniques for Communications, Networks and Systems},
        publisher={ICST},
        proceedings_a={SIMUTOOLS},
        year={2010},
        month={5},
        keywords={Network simulation network security},
        doi={10.4108/ICST.SIMUTOOLS2008.2961}
    }
    
  • Rainer Bye
    Stephan Schmidt
    Katja Luther
    Sahin Albayrak
    Year: 2010
    Application-level simulation for network security
    SIMUTOOLS
    ICST
    DOI: 10.4108/ICST.SIMUTOOLS2008.2961
Rainer Bye1,*, Stephan Schmidt1,*, Katja Luther1,*, Sahin Albayrak1,*
  • 1: DAI-Labor, Technische Universität Berlin
*Contact email: rainer.bye@dai-labor.de, stephan.schmidt@dai-labor.de, katja.luther@dai-labor.de, sahin.albayrak@dai-labor.de

Abstract

We introduce and describe a novel network simulation tool called NeSSi (Network Security Simulator). NeSSi incorporates a variety of features relevant to network security, distinguishing it from general-purpose network simulators. Its capabilities, such as profile-based automated attack generation, traffic analysis and interface support for the plug-in of detection algorithms, allow it to be used for security research and evaluation purposes. NeSSi has been utilized for testing intrusion detection algorithms, conducting network security analysis, and developing distributed security frameworks at the application level. NeSSi is built upon the agent componentware framework JIAC [5], resulting in a distributed and easy-to-extend architecture. In this paper, we provide an overview of the NeSSi architecture and briefly demonstrate its usage in three example security research projects. These projects comprise the evaluation of stand-alone detection unit performance, detection device deployment at central nodes in the network, and the comparison of different detection algorithms.