We introduce and describe a novel network simulation tool called NeSSi (Network Security Simulator). NeSSi incorporates a variety of features relevant to network security distinguishing it from general-purpose network simulators. Its capabilities such as profilebased automated attack generation, traffic analysis and interface support for the plug-in of detection algorithms allow it to be used for security research and evaluation purposes. NeSSi has been utilized for testing intrusion detection algorithms, conducting network security analysis, and developing distributed security frameworks at the application level. NeSSi is built upon the agent component-ware framework JIAC [5], resulting in a distributed and easy-to-extend architecture. In this paper, we provide an overview of the NeSSi architecture and briefly demonstrate its usage in three example security research projects. These projects comprise of evaluation of stand-alone detection unit performance, detection device deployment at central nodes in the network and comparison of different detection algorithms.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	M. Bloem, T. Alpcan, S. Schmidt, and T. Başar. Malware filtering for network security using weighted optimality measures. In Proc. of 2007 IEEE Multi-conference on Systems and Control. IEEE, 2007. to appear.
	2	U. Brandes. A faster algorithm for betweenness centrality. Journal of Mathematical Sociology, 25(2): 163--177, 2001.
	3	R. Bye, K. Luther, S. A. Çamtepe, T. Alpcan, şahin Albayrak, and B. Yener. Decentralized Detector Generation in Cooperative Intrusion Detection Systems. In S. Masuzawa, Toshimitsu; Tixeuil, editor, Stabilization, Safety, and Security of Distributed Systems 9th International Symposium, SSS 2007 Paris, France, November 14--16, 2007 Proceedings, Lecture Notes in Computer Science, Vol. 4838. Springer, 2008.
	4	Stephanie Forrest , Alan S. Perelson , Lawrence Allen , Rajesh Cherukuri, Self-Nonself Discrimination in a Computer, Proceedings of the 1994 IEEE Symposium on Security and Privacy, p.202, May 16-18, 1994
	5	Stefan Fricke , Karsten Bsufka , Jan Keiser , Torge Schmidt , Ralf Sesseler , Sahin Albayrak, Agent-based telematic services and telecom applications, Communications of the ACM, v.44 n.4, p.43-48, April 2001  [doi>10.1145/367211.367251]
	6	M. Kodialam and T. Lakshman. Detecting network intrusions via sampling: A game theoretic approach. In Proceedings IEEE INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications Societies, volume 3, pages 1880--1889, Apr. 2003.
	7	Michael Liljenstam , Jason Liu , David Nicol , Yougu Yuan , Guanhua Yan , Chris Grier, RINSE: The Real-Time Immersive Network Simulation Environment for Network Security Exercises, Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation, p.119-128, June 01-03, 2005  [doi>10.1109/PADS.2005.23]
	8	B. Liu, D. Figueiredo, Y. Guo, J. Kurose, and D. Towsley. A study of networks simulation efficiency: Fluid simulation vs. packet-level simulation. In INFOCOM 2001. Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings. IEEE, volume 3, pages 1244--1253, 2001.
	9	K. Luther, R. Bye, T. Alpcan, S. Albayrak, and A. Müller. A Cooperative AIS Framework for Intrusion Detection. In Proceedings of the IEEE International Conference on Communications (ICC 2007), 2007.
	10	David M. Nicol , Michael Liljenstam , Jason Liu, Advanced concepts in large-scale network simulation, Proceedings of the 37th conference on Winter simulation, December 04-07, 2005, Orlando, Florida
	11	ns-3 project. NS-3 network simulator. http://www.nsnam.org/docs/architecture.pdf.
	12	George F. Riley, The Georgia Tech Network Simulator, Proceedings of the ACM SIGCOMM workshop on Models, methods and tools for reproducible network research, August 25-27, 2003, Karlsruhe, Germany  [doi>10.1145/944773.944775]
	13	Scalable Network Technologies Inc. Qualnet. http://www.scalable-networks.com.
	14	S. Schmidt, T. Alpcan, S. Albayrak, and A. Müller. A Monitor Placement Game for Intrusion Detection. In Proc. of CRITIS, 2nd International Workshop on Critical Information Infrastructures Security, Lecture Notes in Computer Science. Springer, 2007. to appear.
	15	USC Information Sciences Institute. NS-2 network simulator 2.31. HTTP://WWW.ISI.EDU/NSNAM/NS/DOC/NS_DOC.PDF.
	16	Songjie Wei , Jelena Mirkovic , Martin Swany, Distributed Worm Simulation with a Realistic Internet Model, Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation, p.71-79, June 01-03, 2005  [doi>10.1109/PADS.2005.7]
	17	J. B. Yun, E. K. Park, E. G. Im, and H. P. In. A scalable, ordered scenario-based network security simulator. In Systems Modeling and Simulation: Theory and Applications, volume 3389/2005 of Lecture Notes in Computer Science (LNCS), pages 487--494. Springer-Verlag, 2005.