Pattern-oriented software architecture: a system of patterns
Pattern-oriented software architecture: a system of patterns
ACM Transactions on Computer Systems (TOCS)
Generation of High Bandwidth Network Traffic Traces
MASCOTS '02 Proceedings of the 10th IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems
TCPivo: a high-performance packet replay engine
MoMeTools '03 Proceedings of the ACM SIGCOMM workshop on Models, methods and tools for reproducible network research
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Operational experiences with high-volume network intrusion detection
Proceedings of the 11th ACM conference on Computer and communications security
Design and implementation of netdude, a framework for packet trace manipulation
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Realistic and responsive network traffic generation
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
FLAME: a flow-level anomaly modeling engine
CSET'08 Proceedings of the conference on Cyber security experimentation and test
Swing: realistic and responsive network traffic generation
IEEE/ACM Transactions on Networking (TON)
A flow trace generator using graph-based traffic classification techniques
Proceedings of the 6th International Wireless Communications and Mobile Computing Conference
Hi-index | 0.00 |
Evaluating network components such as network intrusion detection systems, firewalls, routers, or switches suffers from the lack of available network traffic traces that on the one hand are appropriate for a specific test environment but on the other hand have the same characteristics as actual traffic. Instead of just capturing traffic and replaying the trace, we identify a set of packet trace manipulation operations that enable us to generate a trace bottom-up: our trace primitives can be traces from different environments or artificially generated ones; our basic operations include merging of two traces, moving a flow across time, duplicating a flow, and stretching a flow's time-scale. After discussing the potential as ell as the dangers of each operation with respect to analysis at different protocol layers, we present a framework within which these operations can be realized and show an example configuration for our prototype.