Abstract
This chapter presents SEA++, a simulation framework that extends OMNeT++ and the INET Framework for evaluating the impact of security attacks on networks and applications in a flexible and user-friendly way. To this end, SEA++ relies on two fundamental building blocks. First, the user describes the attacks to be evaluated by using a high-level Attack Specification Language (ASL). In particular, only the final effects of such attacks are described, rather than their actual performance. Second, the Attack Simulation Engine (ASE) takes these high-level descriptions as input and accordingly injects attack events at runtime, by means of additional software modules that seamlessly and transparently operate with the other INET modules. This allows the user to quantitatively assess the impact of cyber/physical attacks in simulated network scenarios, and hence rank them according to their severity as a support to risk assessment and selection of countermeasures. As a further advantage, the user is not required to alter any software module or application, or to implement any adversary model for the actual execution of security attacks. Finally, this chapter also includes a step-by-step explicative example showing how to set up and use SEA++ for describing attacks and assessing their impact.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
SEA++ Github repository: https://github.com/seapp/seapp_stable.
References
Bonaci, T., Bushnell, L., Poovendran, R.: Node capture attacks in wireless sensor networks: a system theoretic approach. In: The 49th IEEE Conference on Decision and Control (CDC 2010), pp. 6765–6772 (2010)
Boulis, T.: Castalia. https://github.com/boulis/Castalia (2018)
Dini, G., Tiloca, M.: ASF: an attack simulation framework for wireless sensor networks. In: The 8th IEEE International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob 2012), pp. 203–210. IEEE, Ahmedabad (2012)
Dini, G., Tiloca, M.: On simulative analysis of attack impact in wireless sensor networks. In: 2013 IEEE 18th Conference on Emerging Technologies and Factory Automation (ETFA), pp. 1–8. IEEE, Ahmedabad (2013)
Open Networking Foundation: Software-defined networking: the new norm for networks, ONF White Paper (2012). https://www.opennetworking.org/images/stories/downloads/sdn-resources/white-papers/wp-sdn-newnorm.pdf
Genge, B., Siaterlis, C., Hohenadel, M.: AMICI: an assessment platform for multi-domain security experimentation on critical infrastructures. In: Critical Information Infrastructures Security. Lecture Notes in Computer Science, vol. 7722, pp. 228–239. Springer, Berlin (2013)
Huang, Y.L., Cárdenas, A.A., Amin, S., Lin, Z.S., Tsai, H.Y., Sastry, S.: Understanding the physical and economic consequences of attacks on control systems. Int. J. Crit. Infrastruct. Prot. 2(3), 73–83 (2009)
Klein, D., Jarschel, M.: An OpenFlow extension for the OMNeT++ INET framework. In: 6th International ICST Conference on Simulation Tools and Techniques (SimuTools ’13), pp. 322–329 (2013)
Kreutz, D., Ramos, F.M.V., Veríssimo, P.E., Rothenberg, C.E., Azodolmolky, S., Uhlig, S.: Software-defined networking: a comprehensive survey. Proc. IEEE 103(1), 14–76 (2015)
Pitt, D.: Open Networking Foundation. http://opennetworking.org (2012)
Queiroz, C., Mahmood, A., Tari, Z.: SCADASim–a framework for building SCADA simulations. IEEE Trans. Smart Grid 2(4), 589–597 (2011)
Sánchez-Casado, L., Rodríguez-Gómez, R.A., Magán-Carrión, R., Maciá-Fernández, G.: NETA: evaluating the effects of NETwork attacks. MANETs as a case study. In: Advances in Security of Information and Communication Networks. Communications in Computer and Information Science, vol. 381, pp. 1–10. Springer, Berlin (2013)
Siaterlis, C., Garcia, A.P., Genge, B.: On the use of emulab testbeds for scientifically rigorous experiments. IEEE Commun. Surv. Tutorials 15(2), 929–942 (2013)
Stoneburner, G., Goguen, A., Feringa, A.: Risk management guide for information technology systems - recommendations of the National Institute of Standards and Technology. Technology Report, National Institute of Standards and Technologies (2002). http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf
Tiloca, M., Racciatti, F., Dini, G.: Simulative evaluation of security attacks in networked critical infrastructures. In: 2nd International Workshop on Reliability and Security Aspects for Critical Infrastructure Protection (ReSA4CI 2015). Lecture Notes in Computer Science, LNCS, vol. 9338, pp. 314–323. Springer, Berlin (2015)
Tiloca, M., Stagkopoulou, A., Dini, G.: Performance and security evaluation of SDN networks in OMNeT++/INET. In: OMNeT++ Community Summit 2016, pp. 9–14 (2016)
Tiloca, M., Racciatti, F., Stagkopoulou, A., Dini, G.: SEA++, a tool for Simulative Evaluation of Attacks. https://github.com/seapp/seapp_stable (2017)
Wang, Y.T., Bagrodia, R.: SenSec: a scalable and accurate framework for wireless sensor network security evaluation. In: The 31st International Conference on Distributed Computing Systems Workshops (ICDCSW 2011), pp. 230–239 (2011)
Xu, Y., Chen, G., Ford, J., Makedon, F.: Detecting wormhole attacks in wireless sensor networks. In: Goetz, E., Shenoi, S. (eds.) Critical Infrastructure Protection, Post-Proceedings of the First Annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection, IFIP, vol. 253, pp. 267–279. Springer, Berlin (2007)
Acknowledgements
The authors sincerely thank the anonymous reviewers as well as the editors Antonio Virdis and Michael Kirsche for their constructive feedback and comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Tiloca, M., Dini, G., Racciatti, F., Stagkopoulou, A. (2019). SEA++: A Framework for Evaluating the Impact of Security Attacks in OMNeT++/INET. In: Virdis, A., Kirsche, M. (eds) Recent Advances in Network Simulation. EAI/Springer Innovations in Communication and Computing. Springer, Cham. https://doi.org/10.1007/978-3-030-12842-5_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-12842-5_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12841-8
Online ISBN: 978-3-030-12842-5
eBook Packages: EngineeringEngineering (R0)