Application-level Simulation for Network Security

Stephan Schmidt, Rainer Bye, Joël Chinnow, Karsten Bsufka, Ahmet Camtepe, Sahin Albayrak
2009 Simulation (San Diego, Calif.)  
We introduce and describe a novel network simulation tool called NeSSi (Network Security Simulator). NeSSi incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Its capabilities such as profilebased automated attack generation, traffic analysis and interface support for the plug-in of detection algorithms allow it to be used for security research and evaluation purposes. NeSSi has been utilized for testing intrusion detection
more » ... lgorithms, conducting network security analysis, and developing distributed security frameworks at the application level. NeSSi is built upon the agent componentware framework JIAC [5], resulting in a distributed and easy-toextend architecture. In this paper, we provide an overview of the NeSSi architecture and briefly demonstrate its usage in three example security research projects. These projects comprise of evaluation of stand-alone detection unit performance, detection device deployment at central nodes in the network and comparison of different detection algorithms.
doi:10.1177/0037549709340730 fatcat:wgnc3uiv4nasvonds4h3cm2wiu