Generating application-level content within network simulations and/or testbed environments tends toward an ad-hoc process reliant primarily on evaluator expertise. Such ad-hoc approaches are laborious and often fail to capture important aspects of how content is distributed within traffic. Further, while many tools allow for the generation of a wide-range of content types, there exists no coherent model for populating these tools with the necessary data. To address these issues we propose two models for dynamically generating content so as to provide a systematic means for populating a test with relevant data. First we create content targeting Network Intrusion Detection Systems (NIDS) that are severely impacted by the composition of the traffic combined with the set of known signatures. Most NIDS evaluation techniques employ on/off models where a packet is either malicious or not. Such evaluation ignores the case where the content of a benign packet partially intersects with one or many signatures, causing more processing for the NIDS. To address this hole in evaluation we propose a traffic model that uses the target NIDS signature set to create partially-matching traffic. This partially-matching traffic then allows the systematic examination of the NIDS across multiple scenarios. Such evaluation provides insight into the idiosyncrasies of a NIDS that would remain hidden if evaluated under current methodologies.
Next, we broaden our content generation model to account for all network applications. We create a content generative model for identifying, harvesting, and assigning application-level content to simulated traffic. This model ties consumers of content to the producers of the content as well to a particular content category. This approach then allows for said content to be tied to a workload generator or simulator of choice to evaluate a given network application. Finally, we discuss the implementation of these models and potential optimizations for high-speed environments. Ultimately, the models provided here allow for the systematic generation of content for network applications and serves to bridge the gap in current evaluation methodologies between network traffic simulation and content.
|Advisor:||Kim, Min Sik|
|Commitee:||Bakken, David, Hauser, Carl|
|School:||Washington State University|
|School Location:||United States -- Washington|
|Source:||DAI-B 73/12(E), Dissertation Abstracts International|
|Keywords:||Content generation, Network simulation, Network traffic|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be