Large-scale Evaluation of Distributed Attack Detection
2nd International Workshop on OMNeT++
- Place: Rome, Italy
- Date: Mar 2009
- Author: Thomas Gamer, Christoph P. Mayer
- Evaluation of mechanisms for anomaly and attack detection is still a challenging task and hard to achieve. This especially holds for the evaluation of the large-scale behavior and efficiency of distributed detection mechanisms. Since testbeds and real networks are no feasible means for large-scale evaluation, we present in this paper a toolchain for the large-scale evaluation of distributed attack detection based on the simulator OMNeT++. Particular focus is placed on simplicity and usability of the toolchain. The interplay of the individual tools is shown by means of an exemplary attack detection. Furthermore, a performance evaluation of the individual tools is presented that shows their limitations in terms of hardware and time constraints.
- In: Digital Proceedings of 2nd International Workshop on OMNeT++ (Hosted by SIMUTools)