LESS Is More: Host-Agent Based Simulator for Large-Scale Evaluation of Security Systems

Authors: John Sonchack, Adam J. Aviv

DOI: 10.1007/978-3-319-11212-1_21

Abstract: Recently proposed network security systems have demonstrated the benefits of scale for achieving many goals, including detection of worm outbreaks, botnets, and denial of service attacks. However, scale is also a barrier to further advancement of such systems: obtaining and working with appropriately large data sets is difficult, and existing simulation techniques are ill suited for this domain. To overcome these challenges, we propose a host behavior simulator, LESS, designed for evaluating such systems. LESS builds and automatically configures the behaviors of host agents using background traffic samples and malicious models. In turn, the agents communicate with each other throughout the simulation, generating records. We demonstrate the applicability of LESS by tuning it with publicly available traces, then use the generated records to reproduce results from several recently proposed systems and to extend the evaluations of these systems, highlighting dimensions of system performance that would be difficult to study without simulation.
