Résumé: In this article, we investigate the differences between simulation and emulation when conducting denial of service (DoS) attack experiments. As a case study, we consider low-rate TCP-targeted DoS attacks. We design constructs and tools for emulation testbeds to achieve a level of control comparable to simulation tools. Through a careful sensitivity analysis, we expose difficulties in obtaining meaningful measurements from the DETER, Emulab, and WAIL testbeds with default system settings. We find dramatic differences between simulation and emulation results for DoS experiments. Our results also reveal that software routers such as Click provide a flexible experimental platform, but require understanding and manipulation of the underlying network device drivers. Our experiments with commercial Cisco routers demonstrate that they are highly susceptible to the TCP-targeted attacks when ingress/egress IP filters are used.

Langue: Anglais