Evaluation Methods for Internet Security Technology (EMIST)
EMIST Project Overview
The EMIST project is funded by NSF and DHS to pursue cyber-security research. EMIST is a collaboration among Penn State, UC Davis, Purdue, ICSI, McAfee, Sparta, and SRI.
EMIST and its sister DETER project form the nucleus of the DETER laboratory effort. The EMIST research team includes experts in security, networking, data analysis, software engineering, and operating systems who are committed to developing testing frameworks and methodologies for cyber security. The DETER project is building and operating the DETER testbed as experimental infrastructure for EMIST and other security researchers.
The general objective of EMIST is to develop thorough, realistic, and scientifically rigorous testing frameworks and methodologies for particular classes of network attacks and defense mechanisms. These testing frameworks will be adapted for different kinds of experimental approaches, including simulators such as NS, emulation facilities such as the DETER testbed, and both small and large testbeds of real hardware. They will include attack scenarios; attack simulators; generators for topology and background traffic; data sets derived from live traffic; and tools to monitor and summarize test results. These frameworks will allow researchers to experiment with a variety of parameters representing the network environment, attack behaviors, and the configuration of the mechanisms under test.
These frameworks and methodologies are being validated through experiments on the DETER testbed. This validation involves tests on representative network defense mechanisms, including intrusion detection systems (IDSs), automated attack traceback mechanisms, traffic rate-limiting to control DDoS attacks, and mechanisms to detect large-scale worm attacks.