This page talks about language used to design experiments. It should both be used to design metadescriptions and perhaps to make them more specific to a particular experiment the user wants to run.

Examples

I'll start with a few examples of experiments first, that we should be able to design in this language.

1. A botnet experiment where a worm infects some vulnerable hosts, they organize into a P2P botnet with some botmaster and start exchanging C&C traffic. Experimenter wants to observe the evolution of the botnet and the amount of traffic that master receives. There are three classes of experiments here that need to be combined together:
   1. an experiment where worm spreads and infects vulnerable hosts
   2. an experiment where some hosts organize into P2P network and somehow elect a botmaster
   3. an experiment where peers start exchanging some C&C botnet traffic

2. A cache poisoning experiment where the attacker poisons a DNS cache to take over authority for a given domain. The attacker then creates a phishing page and tries to steal user's usernames/passwords. There are two classes of experiments that need to be combined:
   1. an experiment where a DNS cache is poisoned, subclass of cache poisoning experiments
   2. an experiment where a phishing attack is conducted via a Web page to steal usernames/passwords

3. An ARP spoofing experiment where the attacker puts himself in between two nodes and then modifies their traffic. There are two classes of experiments that need to be combined:
   1. an experiment where ARP poisoning happens between two nodes by the attacker
   2. an experiment where an attacker changes traffic passing through it