Autonomous Security Testbed

Motivation

Conventional network simulation tools are not tailored for realistic testing and evaluation of network security solutions. On one hand they do not provide explicit interfaces for application layer and detection components, on the other they offer no hard guarantees concerning the scalability of packet-based simulations. We aim to provide security experts and developers with a testbed which incorporates real end devices such as mobile phones and dedicated, powerful hardware so that realistic data can be obtained.

Goals

The Autonomous Security testbed allows developers to test and assess their network security solutions in realistic simulation scenarios. This entails the evaluation of stand-alone detection components as well as large security frameworks consisting of multiple cooperating detection units. To this end, the following features are supported:

  • Using highly configurable traffic patterns to create realistic network  traffic
  • conformity with the OSI layer model and the TCP/IP protocol stack
  • scalability
  • repeatability
  • plugin-based detection components
  • meaningful analysis and statistics

The Mobile testbed allows the examination of the behaviour of mobile end devices such as mobile phones or smart phones. Furthermore, these devices can be integrated in the test environment in order to avoid the accidental spread of malware, i.e. via Bluetooth. In the Simulation Environment, additional end devices can be connected to the network simulation tool. The Network Testbed is a cluster of high-performance machines allowing the distributed and thus scalable execution of packet-based network simulation. This also allows the verification of the results obtained in the software-based network simulation in a real hardware-based environment.