| Author: | T. Gamer, C. Mayer |
|---|---|
| Source: | Digital Proceedings of 2nd International Workshop on OMNeT++ (Hosted by SIMUTools), Rome, Italy, March 2009 |

Evaluation of mechanisms for anomaly and attack detection is still a challenging task and hard to achieve. This especially holds for the evaluation of the large-scale behavior and efficiency of distributed detection mechanisms. Since testbeds and real networks are no feasible means for large-scale evaluation, we present in this paper a toolchain for the large-scale evaluation of distributed attack detection based on the simulator OMNeT++. Particular focus is placed on simplicity and usability of the toolchain. The interplay of the individual tools is shown by means of an exemplary attack detection. Furthermore, a performance evaluation of the individual tools is presented that shows their limitations in terms of hardware and time constraints.