ResearchSpace

Developing a virtualised testbed environment in preparation for testing of network based attacks

Show simple item record

dc.contributor.author Van Heerden, Renier P
dc.contributor.author Pieterse, Heloise
dc.contributor.author Burke, Ivan D
dc.contributor.author Irwin, B
dc.date.accessioned 2014-02-13T09:07:05Z
dc.date.available 2014-02-13T09:07:05Z
dc.date.issued 2013-11
dc.identifier.citation Van Heerden, R.P, Pieterse, H, Burke, I.D and Irwin, B. 2013. Developing a virtualised testbed environment in preparation for testing of network based attacks. In: 5th Workshop on ICT Uses in Warfare and the Safeguarding of Peace (IWSP'13), Pretoria, 25-27 November en_US
dc.identifier.uri http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=06707509
dc.identifier.uri http://hdl.handle.net/10204/7218
dc.description 5th Workshop on ICT Uses in Warfare and the Safeguarding of Peace (IWSP'13), Pretoria, 25-27 November. Published in IEEE Explore en_US
dc.description.abstract Computer network attacks are difficult to simulate due to the damage they may cause to live networks and the complexity required simulating a useful network. We constructed a virtualised network within a vSphere ESXi environment which is able to simulate: thirty workstations, ten servers, three distinct network segments and the accompanying network traffic. The VSphere environment provided added benefits, such as the ability to pause, restart and snapshot virtual computers. These abilities enabled the authors to reset the simulation environment before each test and mitigated against the damage that an attack potentially inflicts on the test network. Without simulated network traffic, the virtualised network was too sterile. This resulted in any network event being a simple task to detect, making network traffic simulation a requirement for an event detection test bed. Five main kinds of traffic were simulated: Web browsing, File transfer, e-mail, version control and Intranet File traffic. The simulated traffic volumes were pseudo randomised to represent differing temporal patterns. By building a virtualised network with simulated traffic we were able to test IDS' and other network attack detection sensors in a much more realistic environment before moving it to a live network. en_US
dc.language.iso en en_US
dc.publisher IEEE Xplore en_US
dc.relation.ispartofseries Workflow;11639
dc.subject Computer network attacks en_US
dc.subject Network traffic simulation en_US
dc.subject VSphere environment en_US
dc.title Developing a virtualised testbed environment in preparation for testing of network based attacks en_US
dc.type Conference Presentation en_US
dc.identifier.apacitation Van Heerden, R. P., Pieterse, H., Burke, I. D., & Irwin, B. (2013). Developing a virtualised testbed environment in preparation for testing of network based attacks. IEEE Xplore. http://hdl.handle.net/10204/7218 en_ZA
dc.identifier.chicagocitation Van Heerden, Renier P, Heloise Pieterse, Ivan D Burke, and B Irwin. "Developing a virtualised testbed environment in preparation for testing of network based attacks." (2013): http://hdl.handle.net/10204/7218 en_ZA
dc.identifier.vancouvercitation Van Heerden RP, Pieterse H, Burke ID, Irwin B, Developing a virtualised testbed environment in preparation for testing of network based attacks; IEEE Xplore; 2013. http://hdl.handle.net/10204/7218 . en_ZA
dc.identifier.ris TY - Conference Presentation AU - Van Heerden, Renier P AU - Pieterse, Heloise AU - Burke, Ivan D AU - Irwin, B AB - Computer network attacks are difficult to simulate due to the damage they may cause to live networks and the complexity required simulating a useful network. We constructed a virtualised network within a vSphere ESXi environment which is able to simulate: thirty workstations, ten servers, three distinct network segments and the accompanying network traffic. The VSphere environment provided added benefits, such as the ability to pause, restart and snapshot virtual computers. These abilities enabled the authors to reset the simulation environment before each test and mitigated against the damage that an attack potentially inflicts on the test network. Without simulated network traffic, the virtualised network was too sterile. This resulted in any network event being a simple task to detect, making network traffic simulation a requirement for an event detection test bed. Five main kinds of traffic were simulated: Web browsing, File transfer, e-mail, version control and Intranet File traffic. The simulated traffic volumes were pseudo randomised to represent differing temporal patterns. By building a virtualised network with simulated traffic we were able to test IDS' and other network attack detection sensors in a much more realistic environment before moving it to a live network. DA - 2013-11 DB - ResearchSpace DP - CSIR KW - Computer network attacks KW - Network traffic simulation KW - VSphere environment LK - https://researchspace.csir.co.za PY - 2013 T1 - Developing a virtualised testbed environment in preparation for testing of network based attacks TI - Developing a virtualised testbed environment in preparation for testing of network based attacks UR - http://hdl.handle.net/10204/7218 ER - en_ZA


Files in this item

This item appears in the following Collection(s)

Show simple item record