Title :
Replay of malicious traffic in network testbeds
Author :
Hussain, Amir ; Pradkin, Yuri ; Heidemann, John
Author_Institution :
Inf. Sci. Inst., Univ. of Southern California, Los Angeles, CA, USA
Abstract :
In this paper we present tools and methods to integrate attack measurements from the Internet with controlled experimentation on a network testbed. We show that this approach provides greater fidelity than synthetic models. We compare the statistical properties of real-world attacks with synthetically generated constant bit rate attacks on the testbed. Our results indicate that trace replay provides fine time-scale details that may be absent in constant bit rate attacks. Additionally, we demonstrate the effectiveness of our approach to study new and emerging attacks. We replay an Internet attack captured by the LANDER system on the DETERLab testbed within two hours.
Keywords :
IP networks; Internet; computer network security; statistical analysis; telecommunication traffic; DETERLab testbed; Internet attack measurement integration; LANDER system; malicious traffic replay; network testbeds; real-world attacks; statistical properties; synthetically generated constant bit rate attacks; Analytical models; Bit rate; Computer crime; IP networks; Servers; Standards; Topology;
Conference_Titel :
Technologies for Homeland Security (HST), 2013 IEEE International Conference on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4799-3963-3
DOI :
10.1109/THS.2013.6699022
