A Comparative Study of Traffic Generators: Applicability for Malware Detection Testbeds

Q3 Computer Science

International Journal of Internet Technology and Secured Transactions Pub Date : 2020-12-31 DOI:10.20533/JITST.2046.3723.2020.0085

Matt Swann, Joseph R. Rose, G. Bendiab, S. Shiaeles, N. Savage

{"title":"A Comparative Study of Traffic Generators: Applicability for Malware Detection Testbeds","authors":"Matt Swann, Joseph R. Rose, G. Bendiab, S. Shiaeles, N. Savage","doi":"10.20533/JITST.2046.3723.2020.0085","DOIUrl":null,"url":null,"abstract":"Network traffic generators are invaluable tools that allow for applied experimentation to evaluate the performance of networks, infrastructure, and security controls, by modelling and simulating the communication packets and payloads that would be produced by machines and devices on the network. Specifically for security applications, these tools can be used to consistently simulate malicious activity on the network and test the components designed to detect and mitigate malicious activities, in a highly reliable and customisable way. However, despite the promising features, most of these tools have some problems that can undermine the correctness of experiments. The accuracy of the simulation results depends strongly on the performance and reliability of the used generator. Thus, in this paper, we investigate the performance and accuracy of three of the most reviewed network traffic generators in literature, namely Cisco TRex, Ostinato and Genesids. Mainly, the comparative experiments examine the strengths and limitations of these tools, for malicious trafficwhich can help the research community to choose the most suitable one to assess the performance of their networks and security controls.","PeriodicalId":38357,"journal":{"name":"International Journal of Internet Technology and Secured Transactions","volume":"40 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2020-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Internet Technology and Secured Transactions","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.20533/JITST.2046.3723.2020.0085","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 2

Abstract

Network traffic generators are invaluable tools that allow for applied experimentation to evaluate the performance of networks, infrastructure, and security controls, by modelling and simulating the communication packets and payloads that would be produced by machines and devices on the network. Specifically for security applications, these tools can be used to consistently simulate malicious activity on the network and test the components designed to detect and mitigate malicious activities, in a highly reliable and customisable way. However, despite the promising features, most of these tools have some problems that can undermine the correctness of experiments. The accuracy of the simulation results depends strongly on the performance and reliability of the used generator. Thus, in this paper, we investigate the performance and accuracy of three of the most reviewed network traffic generators in literature, namely Cisco TRex, Ostinato and Genesids. Mainly, the comparative experiments examine the strengths and limitations of these tools, for malicious trafficwhich can help the research community to choose the most suitable one to assess the performance of their networks and security controls.

查看原文本刊更多论文

流量发生器的比较研究:对恶意软件检测试验台的适用性

网络流量生成器是非常宝贵的工具，通过建模和模拟网络上的机器和设备产生的通信数据包和有效负载，可以进行应用实验，以评估网络、基础设施和安全控制的性能。特别是对于安全应用程序，这些工具可用于一致地模拟网络上的恶意活动，并以高度可靠和可定制的方式测试用于检测和减轻恶意活动的组件。然而，尽管有很有前途的特性，这些工具中的大多数都有一些问题，可能会破坏实验的正确性。仿真结果的准确性很大程度上取决于所用发电机的性能和可靠性。因此，在本文中，我们研究了文献中评论最多的三种网络流量生成器的性能和准确性，即Cisco TRex, Ostinato和Genesids。主要通过对比实验来检验这些工具的优势和局限性，以帮助研究团体选择最合适的工具来评估他们的网络和安全控制的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Internet Technology and Secured Transactions Computer Science-Computer Networks and Communications

CiteScore

2.50

自引率

0.00%

发文量