������������������ ���������������������� � � �������������������������������� ����������������������������������������� �������������������������������������������� Simulation CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring 2008 1 CSE598K/CSE545 - Advanced Network Security - McDaniel Page
Simulation • Alan Turing - implementation of a state- transition system (in proving properties of algorithms/computing systems) As systems security people, this is a ‣ essential methodological tool. • Measurement vs. Emulation vs. Simulation Measurement - measuring system behavior ‣ Emulation - imitating system behavior ‣ ‣ Simulation - modeling the entire 2 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Why simulate? • Measuring the behavior of the a system/environment/ phenomenon is too costly Where you need to run many experiments ( repetition ) ‣ ‣ Where the experiments take too long ( time compression ) Where you need to control non-determinism ( repeatability ) ‣ Where you need to instrument many/complex state ‣ ( measurement ) • Goal: demonstrate the behavior of an environment as a function of evolution and input parameters. 3 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Designing a simulator • What is the model? • What does the input /output look like? • What is the simulator structure? • What do you need to measure? • Types of simulation ‣ Trace-based simulation - using measurements of real environment ‣ Synthetic - all inputs and state are invented/created/derived for experiment 4 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Model • A model is is conceptual device that abstracts the features of reality that are not important ( independent of ) the measured features? ‣ What features of the environment do we want to measure? What features should be deterministic/randomized? ‣ What is the (simplified) state machine look like? ‣ • Decisions: Real vs. virtual time? ‣ Logical clocks help simplify complex interleaving of events • Monolithic vs. distributed simulation? ‣ Distributed simulations introduce problems (synchronization) and • advantages (parallelization) 5 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
What makes a good model? • That which is ... ‣ representative - reflects reality. ‣ simulatable - can feasibly implement and run. ‣ verifiable - can determine it is correct. 6 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Simulator Input • A workload is description or record of the simulated environment What is fixed? ‣ ‣ What is variable? • Input parameters What factors do you want to vary? ‣ Continuous vs. discrete? • How do these factors increase the complexity of the simulator? • • Caution : simulators with lots of input parameters can get complex quickly, and the interactions between input parameters get subtler. 7 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Simulator Output • What are the parameters that you want to measure or need to track to show the simulated environment? Performance ‣ Cost ‣ Change ‣ • Caution: to much/little makes post-processing difficult. • Note: Format output for post-evaluation (e.g., gnuplot) 8 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Simulation Design • State transition diagram - a graphical representation of the states and transitions of the system. • Common designs: Clock - model time as discrete steps, visit each independent ‣ element once per unit time Event driven - model interesting events as events which fire ‣ when some precondition is met • Hint : try to separate the invariant behavior from the tunable/selectable (OO helps). 9 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
A Generic Clock Design • Clock - model time as discrete steps, visit each independent element once per unit time Init Loop Close STOP 10 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
A Generic Event Simulator • Event driven - model interesting events as events which fire when some precondition is met Init Loop Close STOP 11 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
An example: WebSoS • A WebSoS overlay network under attack is under attack, where every edge node is discovered by the DDoS adversary eventually. The host is promptly DOSed. The adversary learns something that will aid in future identification of the discovered hosts peers. • Goal: to discover how resilient the network is in sustaining traffic in the presence of node discovery. Model? ‣ ‣ Inputs/Outputs? What do you want to show? ‣ 12 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Validation • Validation is the process whereby the faithfulness of the simulation is demonstrated. • Model verification shows that the conceptual model reflects reality Are the abstracted features truly independent? ‣ What is lost virtualization of time or other features? ‣ Can you quantify or explain the inaccuracies? ‣ • By proof : can you state the model as a mathematical property you want to measure? Investigate the construction STD ‣ 13 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Simulator Validation • Simulator validation show that you have implemented the algorithms/model correctly? Isolate each part of implementation (each algorithm) ‣ ‣ Fix the randomness (where possible) Hand-craft input, predict output ‣ Run experiment ‣ Validate output (inspection vs. statistical test) ‣ • Note: This is often one of the more complex and difficult parts of simulation. 14 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Homework • Complete the simulation experiment. See handout. 15 Systems and Internet Infrastructure Security Laboratory (SIIS) Page
Recommend
More recommend