UBC Theses and Dissertations

A virtual testbed to evaluate worm defense techniques

Hao, Shuang

Abstract

The rapidly growing amount of malicious software (such as worms) on the Internet causes significant security problems in enterprise networks and has been attracting increasing research attention. Many methods have been proposed to detect, throttle or even prevent the spreading of malware. However, most of the research experiments to evaluate the effectiveness of these defense mechanisms are based on off-line testing, synthetic data or mathematical modelling, which are unable to convincingly validate the efficiency of the defense systems. Better evaluation testbeds with live worms mixed with realistic traffic are required to help facilitate research on malware defenses. In this thesis we focus on developing a testbed which provides an emulation of realistic traffic conditions for network and security researchers. The system is constructed using virtual hosts, which makes the testbed scalable and flexible. Network traffic is collected from a real enterprise network and then replayed in the virtual environment. In the meantime, vulnerable services on the virtual hosts allow actual malware to compromise individual hosts and flood the virtual network. Our use of virtualization technology enables an all-software implementation. It grants fast and convenient generation, startup and shutdown of the testbed. The datalink layer virtualization and the port-based forwarding VLAN strictly confine the released malware within the testing environment. The virtual smart switches provide a platform for researchers to evaluate the security and usability of their protection architecture against worms.

Rights

For non-commercial purposes only, such as research, private study and education. Additional conditions apply, see Terms of Use https://open.library.ubc.ca/terms_of_use.