Abstract
Information assurance protects against a violation of information and its technologies that construct, operate and control information infrastructures, and assure the reliability and the availability of those. One of the efforts for information assurance is to build model of each computer and network system and perform the simulation to evaluate various threats to that model so that the vulnerability is estimated and optimal security policy can be generated. We argue about the need and difficulties of simulation in information assurance and suggest information assurance method using DEVS formalism, hierarchical & modular modeling and simulation environment, to solve the difficulties. The application and validity of suggested methodology will be proven through the vulnerability analysis method based on simulation and SECUSIM, which is a tool of training cyber-attack.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Longstaff, T.A., Chittister, C., Pethia, R., Haimes, Y.Y.: Are We Forgetting the Risks of Information Technology. IEEE Computer, 43–51 (2000)
Ye, N., Hosmer, C., Giordano, J., Feldman, J.: Critical Information Infrastructure Protection through Process Modeling and Model-based Information Fusion. In: Proc. the Information Survivability Workshop (1998)
Jones, A.: The challenge of building survivable information-intensive systems. IEEE Computer, 39–43 (2000)
DoD. Defensive Information Operations. Technical Report #6510.01B (1997)
Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. In: Proc IEEE Symposium on Security and Privacy Special 20th Anniversary Program. Berkeley, CA (1999)
Amoroso, E.: Intrusion Detection. AT&T Laboratory: Intrusion Net Books (1999)
Wadlow, T.A.: The Process of Network Security. Addison-Wesley, Reading (2000)
Ye, N., Giordano, J.: CACS - A Process Control Approach to Cyber Attack Detection. Communications of the ACM
Lee, J.-S., Jeong, J.-R., Chi, S.-D., Park, J.S.: Simulation-based Vulnerability Analysis. Computer Systems Science & Engineering (submitted)
Zeigler, B.P.: Object-oriented Simulation with Hierarchical, Modular Models: Intelligent Agents and Endomorphic systems. Academic Press, London (1990)
Zeigler, B.P., Praehofer, H., Kim, T.G.: Theory of Modeling and Simulation, 2nd edn. Academic Press, London (1999)
Zeigler, B.P.: Multifacetted Modeling and Discrete Event Simulation. Academic Press, London (1984)
Chi, S.D.: Model-Based Reasoning Methodology Using the Symbolic DEVS Simulation. Trans. of the Society for Computer Simulation International 14(3), 141–151 (1996)
Zeigler, B.P., Chi, S.D.: Symbolic Discrete Event System Specification. IEEE Trans. on System, Man, and Cybernetics 22(6), 1428–1443 (1992)
Chi, S.D., et al.: Automated Cyber-Attack Scenario Generation Using the Symbolic Simulation. Trans. of the Society for Computer Simulation International (submitted)
Chi, S.D., et al.: Network Security Modeling and Cyber-attack Simulation Methodology. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, p. 320. Springer, Heidelberg (2001)
Chi, S.D., et al.: SECUSIM: A Tool for the Cyber-Attack Simulation. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, Springer, Heidelberg (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chi, SD., Park, J.S., Lee, JS. (2004). A Role of DEVS Simulation for Information Assurance. In: Chae, KJ., Yung, M. (eds) Information Security Applications. WISA 2003. Lecture Notes in Computer Science, vol 2908. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24591-9_3
Download citation
DOI: https://doi.org/10.1007/978-3-540-24591-9_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20827-3
Online ISBN: 978-3-540-24591-9
eBook Packages: Springer Book Archive