While the use of network intrusion detection systems (nIDS) is becoming pervasive, evaluating nIDS performance has been found to be challenging. The goal of this study is to determine how to generate realistic workloa...
详细信息
ISBN:
(纸本)1581136730
While the use of network intrusion detection systems (nIDS) is becoming pervasive, evaluating nIDS performance has been found to be challenging. The goal of this study is to determine how to generate realistic workloads for nIDS performance evaluation. We develop a workload model that appears to provide reasonably accurate estimates compared to real workloads. The model attempts to emulate a traffic mix of different applications, reflecting characteristics of each application and the way these interact with the system. We have implemented this model as part of a traffic generator that can be extended and tuned to reflect the needs of different scenarios. We also present an approach to measuring the capacity of a nIDS that does not require the setup of a full network testbed. security, intrusion detection, workload characterization and generation.
Peer-to-peer (P2P) networks are generally considered to be free havens for pirated content, in particular with respect to music. We describe a solution for the problem of copyright infringement in P2P networks for mus...
详细信息
The contribution of this paper is fourfold. First, we sketch an architecture of agent-enabled business process management that cleanly separates between agent capabilities, business process modeling, and the modeling ...
详细信息
Classical admission control approaches take either descriptor or measurement based information about the traffic into account without relating them to each other. We propose a experience-based AC (EBAC) which uses an ...
详细信息
Classical admission control approaches take either descriptor or measurement based information about the traffic into account without relating them to each other. We propose a experience-based AC (EBAC) which uses an empirical percentile of the effective reservation utilization to determine a suitable overbooking factor. In this paper, we show the impact of different measurement time scale resolutions and different quantiles on the performance of the system. We propose aging mechanisms for statistic collection to make the system adaptive to traffic mixes that change over time. We illustrate their effectiveness by simulation results.
In contrast to link admission control (LAC), which limits the truffle on a single link, network admission control (NAC) methods limit the traffic within a network. In this paper we present four basic budget based NAC ...
详细信息
In contrast to link admission control (LAC), which limits the truffle on a single link, network admission control (NAC) methods limit the traffic within a network. In this paper we present four basic budget based NAC approaches that have different complexity. They categorize most resource management schemes from a performance point of view regarding the maximum bandwidth utilization. Our results show that the option of single- or multi-path routing has a significant impact on the NAC performance while it is rather independent of the structure of the traffic matrix.
We introduce the notion of link and network admission control (LAC, NAC) and present three fundamentally different budget based NAC methods which categorize most of today's implemented NAC approaches. We propose a...
详细信息
We introduce the notion of link and network admission control (LAC, NAC) and present three fundamentally different budget based NAC methods which categorize most of today's implemented NAC approaches. We propose a performance evaluation framework for their comparison. The required network capacity for each method is dimensioned for a certain flow blocking probability, and the average resource utilization is taken as performance measure. We point out several implementation options and investigate their impact. Based on numerical results, we give recommendations for preferred procedures. Finally, we compare different NAC methods under varying load conditions.
UMTS operates with WCDMA over the air interface. Most studies dealing with the capacity of CDMA networks consider the uplink (reverse link) and evaluate the coverage or capacity of a cell or network. This focus on the...
详细信息
UMTS operates with WCDMA over the air interface. Most studies dealing with the capacity of CDMA networks consider the uplink (reverse link) and evaluate the coverage or capacity of a cell or network. This focus on the uplink originates in the fact that the IS-95 network was a single voice network, such that the network performance was limited by the uplink. Furthermore, fast power control was then implemented on the uplink only. The introduction of 3G networks leaves the pure voice networks behind and instead provides a variety of different services which produce asymmetric traffic, with the bulk on the downlink (forward link). This traffic asymmetry shifts the capacity limit from the uplink to the downlink. The 3gpp standard prescribes the use of fast power control for the downlink as well. We propose a model to calculate the first and second moment of the node-B transmit power which allows us to approximate its distribution and to determine the probability that the system becomes unstable when a certain transmit power is exceeded.
Although network intrusion detection systems (nIDS) are widely used, there is limited understanding of how these systems perform in different settings and how they should be evaluated. This paper examines how nIDS per...
详细信息
Although network intrusion detection systems (nIDS) are widely used, there is limited understanding of how these systems perform in different settings and how they should be evaluated. This paper examines how nIDS performance is affected by traffic characteristics, rulesets, string matching algorithms and processor architecture. The analysis presented in this paper shows that nIDS performance is very sensitive to these factors. Evaluating a nIDS therefore requires careful consideration of a fairly extensive set of scenarios. Our results also highlight potential dangers with the use of workloads based on combining widely-available packet header traces with synthetic packet content as well as with the use of synthetic rulesets.
Regression testing is an important part of software quality assurance. We work to extend regression testing to include regression benchmarking, which applies benchmarking to detect regressions in performance. Given th...
详细信息
Modeling and managing business processes that span multiple organizations involves new challenges, mainly regarding the ability to cope with change, decentralization, and the required support for interoperability. In ...
详细信息
暂无评论