Automatic Traffic-Based Internet Control Message Protocol (ICMP) Model Generation for ns-3

Report No. ARL-TR-7543
Authors: Jaime C Acosta, Felipe Jovel, Felipe Sotelo, and Caesar Zapata
Date/Pages: December 2015; 40 pages
Abstract: The urgency of measuring the security posture of network systems continues to increase with the development of new technologies and the number of vulnerabilities that these introduce. The most effective way of testing these networks is through field tests on real systems in operational environments. Although this provides the highest level of accuracy, the disadvantages that arise with this approach can limit its efficiency and success. These challenges include high costs, time constraints, and the coordination efforts involved in the execution of these tests. One potential solution is the generation of system models that facilitate the continuous experimentation and testing on simulations of these networks in a laboratory environment. Models aid in the testing and analyzing of network systems, but as things stand today, there are limitations to this approach: models can lack synchronization with actual systems and must be built mostly from scratch. In this report, we introduce the ns-3 Model Generator; a tool aimed at automating the generation of protocol models and scenario files that can be run on the ns-3. Our focus for this work was to recreate the Internet Control Message Protocol (ICMP) Ping protocol and an ns-3 scenario using only a 10-second Wireshark network capture. Our results show that in many aspects, the autogenerated protocol is closer to ground truth.
Distribution: Approved for public release
  Download Report ( 1.601 MBytes )
If you are visually impaired or need a physical copy of this report, please visit and contact DTIC.

Last Update / Reviewed: December 1, 2015