Automated Cyber-attack Scenario Generation Using the Symbolic Simulation
The major objective of this paper is to propose the automated cyber-attack scenario generation methodology based on the symbolic simulation environment. Information Assurance is to assure the reliability and availability of information by preventing from attack. Cyber-attack simulation is one of noticeable methods for analyzing vulnerabilities in the information assurance field, which requires variety of attack scenarios. To do this, we have adopted the symbolic simulation that has extended a conventional numeric simulation. This study can 1) not only generate conventional cyber-attack scenarios but 2) generate cyber-attack scenarios still unknown, and 3) be applied to establish the appropriate defense strategies by analyzing generated cyber-attack. Simulation test performed on sample network system will illustrate our techniques.
KeywordsDiscrete Event System Attack Scenario Symbolic Time Attack Process Information Assurance
Unable to display preview. Download preview PDF.
- 1.Longstaff, T.A., et al.: Are We Forgetting the Risks of Information Technology. IEEE Computer, 43–51 (December 2000)Google Scholar
- 2.Ye, N., Giordano, J.: CACS - A Process Control Approach to Cyber Attack Detection. Communications of the ACM (1998)Google Scholar
- 3.DoD: Defensive Information Operations, Technical Report #6510.01B (June 1997)Google Scholar
- 4.Jones, A.: The challenge of building survivable information-intensive systems. IEEE Computer, 39–43 (August 2000)Google Scholar
- 5.Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. In: 1999 IEEE Symposium on Security and Privacy Special 20th Anniversary Program, May 9-12, The Claremont Resort Berkeley, California (1999)Google Scholar
- 6.Amoroso, E.: Intrusion Detection, AT&T Laboratory, Intrusion Net Books (January 1999)Google Scholar
- 7.Wadlow, T.A.: The Process of Network Security. Addison-Wesley, Reading (2000)Google Scholar
- 8.Chi, S.D., et al.: Network Security Modeling and Cyber-attack Simulation Methodology. In: 6th Australian Conf. on Information Security and Privacy, Sydney. Lecture Notes on Computer Science series (July 2001)Google Scholar
- 11.Zeigler, B.P., Praehofer, H., Kim, T.G.: Theory of Modeling and Simulation, 2nd edn. Academic Press, London (1999)Google Scholar
- 12.Chi, S.D.: Model-Based Reasoning Methodology Using the Symbolic DEVS Simulation. TRANSACTIONS of the Society for Computer Simulation International 14(3), 141–151 (1996)Google Scholar
- 14.Chi, S.D., Lee, J.O., Kim, Y.K.: Using the SES/MB Framework to Analyze Traffic Flow. Trans. of Computer Simulation International 14(4) (December 1997)Google Scholar