Outfitting an inter-AS topology to a network emulation testbed for realistic performance tests of DDoS countermeasures

Authors:
Hiroaki Hazeyama;Mio Suzuki;Shinsuke Miwa;Daisuke Miyamoto;Youki Kadobayashi
Affiliations:
Nara Institute of Science and Technology, Takayama, Ikoma, Nara, Japan;National Institute of Information and Communications Technology, Koganei, Tokyo, Japan;National Institute of Information and Communications Technology, Koganei, Tokyo, Japan;Nara Institute of Science and Technology, Takayama, Ikoma, Nara, Japan;Nara Institute of Science and Technology, Takayama, Ikoma, Nara, Japan
Venue:
CSET'08 Proceedings of the conference on Cyber security experimentation and test
Year:
2008

Citing 8
Cited 3

BRITE: An Approach to Universal Topology Generation

MASCOTS '01 Proceedings of the Ninth International Symposium in Modeling, Analysis and Simulation of Computer and Telecommunication Systems
Scalability and accuracy in a large-scale network emulator

OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
An Autonomous Architecture for Inter-Domain Traceback across the Borders of Network Operation

ISCC '06 Proceedings of the 11th IEEE Symposium on Computers and Communications
StarBED and SpringOS: large-scale general purpose network testbed and supporting software

valuetools '06 Proceedings of the 1st international conference on Performance evaluation methodolgies and tools
AS relationships: inference and validation

ACM SIGCOMM Computer Communication Review
Listen and whisper: security mechanisms for BGP

NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Design, deployment, and use of the DETER testbed

DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Single packet IP traceback in AS-level partial deployment scenario

International Journal of Security and Networks

Experiences in emulating 10K AS topology with massive VM multiplexing

Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
PhishCage: reproduction of fraudulent websites in the emulated internet

Proceedings of the 6th International ICST Conference on Simulation Tools and Techniques
COSMO - emulation of internet traffic: poster abstract

Proceedings of the 6th International ICST Conference on Simulation Tools and Techniques

Quantified Score

Hi-index	0.00

Visualization

Abstract

One of the significant requirements for testing a software implementation of an inter-AS DDoS countermeasure is to measure the performance of the implementation in a large scale topology with typical DDoS tools and traffic. Ideally, an emulated inter-AS topology with same scale of the real Internet will provide similar characteristics of the real Internet if the same number of physical servers or facilities are used. However, the number of available physical nodes in a network emulation testbed are limited to tens or hundreds of physical servers. Boosting the number of nodes by virtual machines is not suitable to measure actual software performance. We take a filtering approach in order to pick up a subgraph from the whole inter-AS topology of the real Internet to fit the facilities of a network emulation testbed. Considering required characteristics for realistic evaluation results, we propose four filtering techniques. In this paper, we try to evaluate and discuss the pros and cons of our filtering approaches and the appropriateness of the emulated inter-AS topologies created by our filtering methods.