Copyright © 2008 by the Consortium for Computing Sciences in Colleges.
Permission to copy
without fee all or part of this material is granted provided that the copies are not made or
distributed for direct commercial advantage, the CCSC copyright notice and the title of the
publication and its date appear, and notice is given that copying is by permission of the
Consortium for Computing Sciences in Colleges.
To copy otherwise, or to republish, requires a
fee and/or specific permission.
BUILDING A NETWORK TESTBED FOR INTERNET
, Rick Massengale
, Ningning Wu
Applied Science Department
Information Science Department
University of Arkansas at Little Rock
Historical research of intrusion, anomaly, or rogue software detection, and
network protection techniques to prevent Denial of Service, or other malicious
software attacks, have involved antiquated singularly scoped techniques.
Malicious software attacks, whether in the form of worms, spyware, malware,
or computer viruses, have economically and productively impacted the state
of information exchange throughout the interconnected world. The ability to
proactively identify the threats or unauthorized activity that contradicts day-to-
day activities, will allow initiation of defenses before a full threat infestation
occurs. This paper describes a test networked system that has been built for our
research projects involving Internet worm detection. The goal of the system is
to simulate a global network containing heterogeneous systems; in turn, we
may study the behaviors of various worms and to design effective strategies
for predicting, detecting, and quarantining outbreaks.
The mere utterance of Jerusalem, Michelangelo, Melissa, Sobig, Code Red or the
economically devastating Loveletter will bring the most hardened networking
conversations to a stop to hear what is stated. These devastating and destructive network
forces rage through global networks affecting businesses, residences, and impeding the
daily activities of all networked technology. Technologies that would decisively prevent
the onset of these attacks have not yet been developed, nor has the activity of these
destructive occurrences been exposed unless they first impede the “normal” operation of