Replay of Malicious Traffic in Network Testbeds

Replay of Malicious Traffic in Network Testbeds

Hussain, Alefiya and Pradkin, Yuri and Heidemann, John
USC/Information Sciences Institute

Alefiya Hussain, Yuri Pradkin and John Heidemann 2013. Replay of Malicious Traffic in Network Testbeds. Proceedings of the 13th IEEE Conference on Technologies for Homeland Security (HST) (Waltham, Massachusetts, USA, Nov. 2013), (to appear).

Abstract

In this paper we present tools and methods to integrate attack measurements from the Internet with controlled experimentation on a network testbed. We show that this approach provides greater fidelity than synthetic models. We compare the statistical properties of real-world attacks with synthetically generated constant bit rate attacks on the testbed. Our results indicate that trace replay provides fine time-scale details that may be absent in constant bit rate attacks. Additionally, we demonstrate the effectiveness of our approach to study new and emerging attacks. We replay an Internet attack captured by the LANDER system on the DETERLab testbed within two hours.

Reference

@inproceedings{Hussain13a,
  author = {Hussain, Alefiya and Pradkin, Yuri and Heidemann, John},
  title = {Replay of Malicious Traffic in Network Testbeds},
  booktitle = {Proceedings of the 13th IEEE Conference on Technologies for Homeland Security (HST)},
  year = {2013},
  sortdate = {2013-11-01},
  project = {ant, lander, lacrend, retrofuture},
  jsubject = {network_simulation},
  pages = {(to appear)},
  month = nov,
  address = {Waltham, Massachusetts, USA},
  publisher = {IEEE},
  location = {johnh: pafile},
  keywords = {trace replay, LANDER, DETER},
  url = {http://www.isi.edu/%7ejohnh/PAPERS/Hussain13a.html},
  pdfurl = {http://www.isi.edu/%7ejohnh/PAPERS/Hussain13a.pdf},
  myorganization = {USC/Information Sciences Institute},
  copyrightholder = {IEEE},
  copyrightterms = {
  	Personal use of this material is permitted.  Permission from IEEE must
  	be obtained for all other uses, in any current or future media,
  	including reprinting/republishing this material for advertising or
  	promotional purposes, creating new collective works, for resale or
  	redistribution to servers or lists, or reuse of any copyrighted
  	component of this work in other works.
    }
}

Copyright

Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.