A major challenge that researchers face in studying cybersecurity, e.g., Denial of Service (DoS) attacks, worms, and botnets, is the size of the network to be investigated. A typical attack usually takes place over a large portion of the Internet and involves a considerable number of hosts. Since it is often infeasible to perform cybersecurity experiments directly on the Internet, modeling, simulation, emulation, and testbed experiments are important techniques for researchers to study large-scale systems.
A key tradeoff exists between scalability of cybersecurity models and experiments and their fidelity. For example, analytical models and simulators scale through abstraction. The popular network simulator ns-2 uses simplified models for physical links, host operating systems, and lower layers of the network protocol stack. Naturally, the simplification of hardware and system properties can adversely impact the fidelity of experimental results. While emulation can provide higher fidelity to the real system, scalability is a challenge. The goal of this workshop is to understand this fundamental tradeoff between scale and fidelity in the context of cybersecurity experimentation.