Abstract

The aim of this work is to propose a framework for the distributed simulation of cyber attacks based on high-level architecture (HLA), which is a commonly used standard for distributed simulations. The proposed framework and the corresponding simulator, which is called the distributed cyber attack simulator (abbreviated by DCAS), help administrators to model and evaluate the security measures of the networks. At the core of the DCAS is a simulation engine based on Portico, which is an open source HLA run-time infrastructure. The DCAS works in two modes: interactive and automated. Three types of simulation components (which are called federates in HLA terminology) are considered in the framework: the (1) network federate, (2) attacker federate and (3) defender federate. The simulator provides features for graphical design of the network models, animated traffic simulation, data collection, statistical analysis and different consoles for attacking and defending elements (e.g., intrusion detection systems, intrusion prevention systems). To increase the fidelity of the simulation outputs, real-world payloads are used by the DCAS. All the exploits information and the parameters of various network elements are automatically extracted from the open source vulnerability database. Also, the Snort rule-set is used as the signature database of the defending elements. The architecture and algorithms of the DCAS and the corresponding underlying simulation engine plus the security evaluation results of two illustrative examples are presented in this paper.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.