Affiliation:
1. Purdue University, West Lafayette, IN
2. Ohio State University, Columbus, OH
Abstract
In this article, we investigate the differences between
simulation
and
emulation
when conducting denial of service (DoS) attack experiments. As a case study, we consider low-rate TCP-targeted DoS attacks. We design constructs and tools for emulation testbeds to achieve a level of control comparable to simulation tools. Through a careful sensitivity analysis, we expose difficulties in obtaining meaningful measurements from the DETER, Emulab, and WAIL testbeds with default system settings. We find dramatic differences between simulation and emulation results for DoS experiments. Our results also reveal that software routers such as Click provide a flexible experimental platform, but require understanding and manipulation of the underlying network device drivers. Our experiments with commercial Cisco routers demonstrate that they are highly susceptible to the TCP-targeted attacks when ingress/egress IP filters are used.
Funder
National Science Foundation
U.S. Department of Homeland Security
Department of Human Services
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Science Applications,Modelling and Simulation
Reference44 articles.
1. Agarwal S. Sommers J. and Barford P. 2005. Scalable network path emulation. In Modeling Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS). 10.1109/MASCOT.2005.61 Agarwal S. Sommers J. and Barford P. 2005. Scalable network path emulation. In Modeling Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS). 10.1109/MASCOT.2005.61
2. Allman M. Paxson V. and Stevens W. 1999. TCP congestion control. RFC 2581. Allman M. Paxson V. and Stevens W. 1999. TCP congestion control. RFC 2581.
3. Cyber defense technology networking and evaluation
Cited by
15 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献