A simulation environment for cybersecurity attack analysis based on network traffic logs
Date
2019-01-01
Author
Daneshgadeh, Salva
Oney, Mehmet Ugur
Kemmerich, Thomas
Baykal, Nazife
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
The continued and rapid progress of network technology has revolutionized all modern critical infrastructures and business models. Today's technologies rely firmly on network and communication facilities, which in turn makes them dependent on network security. Network-security investments do not always guarantee the security of organizations. However, the evaluation of security solutions requires designing, testing and developing sophisticated security tools, which are often very expensive. Simulation and virtualization techniques empower researchers to adapt all experimental scenarios of network security in a more cost- and time-effective manner before deciding on the final security solution. This study presents a detailed guideline to model and develop a simultaneous virtualized and simulated environment for computer networks to practice different network attack scenarios. The preliminary object of this study is to create a test bed for network anomaly detection research. The required dataset for anomaly or attack detection studies can be prepared based on the environment proposed in this study. We used the open-source GNS3 emulation tool, Docker containers, the pfSense firewall, the NTOPNG network traffic-monitoring tool, the BoNeSi DDoS botnet simulator, the Ostinato network workload generation tool and a MySQL database to collect simulated network traffic data. With minor changes, this simulation environment can also be utilized in a variety of cybersecurity studies such as vulnerability analysis, attack detection, penetration testing and monitoring.
Subject Keywords
Tool
URI
https://hdl.handle.net/11511/56117
Journal
MODELING AND SIMULATION OF COMPLEX COMMUNICATION NETWORKS
Collections
Graduate School of Informatics, Article
Suggestions
A Scheduling method for sporadic traffics in industrial IoT
Özceylan, Baver; Baykal, Buyurman; Department of Electrical and Electronics Engineering (2017)
Internet of Things technology continues to develop as a commercial value and it has become one of the core elements of Industry 4.0 paradigm. Together with that, IEEE 802.15.4e standard provides Time-Slotted Channel Hopping (TSCH) operation mode especially for industrial applications that have strict QoS requirements. In spite of the fact that the standard defines frame structure in MAC layer, there has been no standardization in scheduling for TSCH frame yet. It brings serious challenge for engineering des...
A web service based trust and reputation system for transitory collaboration formation in supply chains
Taşyurt, İbrahim; Doğaç, Asuman; Department of Computer Engineering (2009)
Today, advancements in the information technologies increased the significance of electronic business in the world. Besides the numerous advantages provided by these advancements, competition has also increased for the enterprises. In this competitive environment, companies have to access information faster and response to the changes quickly. In a supply chain, it is a highly possible that one of the partners may defect in providing its services. When these exceptional cases occur, the pending parties have...
A Flexible semantic service composition framework for pervasive computing environments
Özpınar, Mustafa; Eren, Pekin Erhan; Department of Information Systems (2014)
With the advances in technology, high-speed connections, powerful and low cost devices have become available. It is estimated that there will be tens of billions of devices connected to the Internet by 2020. However, for the effective use of such an outstanding number of devices, they should be able to communicate with each other in different scenarios. A commonly agreed structure should be adopted to overcome the communication problem of heterogeneous devices. Web of Things (WoT) is a vision about quickly ...
A secure model for efficient live migration of containers
Mavus, Zeynep; Angın, Pelin (2019-09-01)
Cloud services have become increasingly widespread in the past decade due to their ability to reduce the complexity and the cost of managing computers and networks. Cloud applications are run in virtualized environments such as virtual machines and containers to be able to allocate resources in an inexpensive manner. Both of these approaches require effective resource utilization, for which an important enabling technology is live migration, which involves moving a service from one host to another with the ...
A Distributed Monitoring and Reconfiguration Approach for Adaptive Network Computing
Bhargava, Bharat; Angın, Pelin; Ranchal, Rohit; Lingayat, Sunil (2015-01-01)
The past decade has witnessed immense developments in the field of network computing thanks to the rise of the cloud computing paradigm, which enables shared access to a wealth of computing and storage resources without needing to own them. While cloud computing facilitates on-demand deployment, mobility and collaboration of services, mechanisms for enforcing security and performance constraints when accessing cloud services are still at an immature state. The highly dynamic nature of networks and clouds ma...
Citation Formats
IEEE
S. Daneshgadeh, M. U. Oney, T. Kemmerich, and N. Baykal, “A simulation environment for cybersecurity attack analysis based on network traffic logs,” MODELING AND SIMULATION OF COMPLEX COMMUNICATION NETWORKS, pp. 55–79, 2019, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/56117.