Large-scale evaluation of distributed attack detection

  • Authors: Thomas Gamer; Christoph P. Mayer
  • Affiliations: Universität Karlsruhe, TH, Germany; Universität Karlsruhe, TH, Germany
  • Venue: Proceedings of the 2nd International Conference on Simulation Tools and Techniques
  • Year: 2009


Abstract

Evaluation of mechanisms for anomaly and attack detection is still a challenging task and hard to achieve. This especially holds for the evaluation of the large-scale behavior and efficiency of distributed detection mechanisms. Since testbeds and real networks are no feasible means for large-scale evaluation, we present in this paper a toolchain for the large-scale evaluation of distributed attack detection based on the simulator OMNeT++. Particular focus is placed on simplicity and usability of the toolchain. The interplay of the individual tools is shown by means of an exemplary attack detection. Furthermore, a performance evaluation of the individual tools is presented that shows their limitations in terms of hardware and time constraints.