EasyScale: Easy mapping for large-scale network security experiments

摘要

Network emulation enables network security evaluation using unmodified implementations. Experimental fidelity with emulation is higher than simulation through the integration of real hardware and systems, but the scalability of emulation testbeds is limited. Scaling techniques such as virtualization and real-time simulation enable larger scale experiments. Using scaling techniques for network security experiments can, however, require considerable expertise in order to avoid overloading resources. In this paper, we propose a new framework, EasyScale, that aims to bridge the current gap between emulation testbed users and large-scale security experiments possibly using multiple scaling techniques. Our results from distributed denial of service and worm attack experiments demonstrate that EasyScale can easily allocate testbed resources to the critical components in an experiment, lowering the barrier for testbed users to conduct high fidelity yet scalable network security experiments.