A research facility for evaluating cyber-security approaches within corporate-scale networks and under operational conditions

The increased reliance on IT technologies has given rise to an increased risks relative to malicious cyber-security events. Research into the operational testing of cyber-security solutions, particularly within large-scale high bandwidth network environments, has not kept pace with the development of new security approaches and ever increasing network speeds. Current testing methods are generally limited to: (a) experiments conducted on small-scale research networks, (b) experiments conducted on pre-recorded network data or (c) active deployments on operational large scale networks. In the each case, issues exist either in the representativeness of the test environments to real world situations or the scientific repeatability of the experiments or both. A particularly complex issue is the sensitivity of reported results to background (normal) traffic characteristics existing at the time of experimentation. This work, presents the architecture of a cyber-security test facility under development designed address these issues.