Advertisement

Automated Cyber-attack Scenario Generation Using the Symbolic Simulation

  • Jong-Keun Lee
  • Min-Woo Lee
  • Jang-Se Lee
  • Sung-Do Chi
  • Syng-Yup Ohn
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3397)

Abstract

The major objective of this paper is to propose the automated cyber-attack scenario generation methodology based on the symbolic simulation environment. Information Assurance is to assure the reliability and availability of information by preventing from attack. Cyber-attack simulation is one of noticeable methods for analyzing vulnerabilities in the information assurance field, which requires variety of attack scenarios. To do this, we have adopted the symbolic simulation that has extended a conventional numeric simulation. This study can 1) not only generate conventional cyber-attack scenarios but 2) generate cyber-attack scenarios still unknown, and 3) be applied to establish the appropriate defense strategies by analyzing generated cyber-attack. Simulation test performed on sample network system will illustrate our techniques.

Keywords

Discrete Event System Attack Scenario Symbolic Time Attack Process Information Assurance 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Longstaff, T.A., et al.: Are We Forgetting the Risks of Information Technology. IEEE Computer, 43–51 (December 2000)Google Scholar
  2. 2.
    Ye, N., Giordano, J.: CACS - A Process Control Approach to Cyber Attack Detection. Communications of the ACM (1998)Google Scholar
  3. 3.
    DoD: Defensive Information Operations, Technical Report #6510.01B (June 1997)Google Scholar
  4. 4.
    Jones, A.: The challenge of building survivable information-intensive systems. IEEE Computer, 39–43 (August 2000)Google Scholar
  5. 5.
    Cohen, F.: Simulating Cyber Attacks, Defenses, and Consequences. In: 1999 IEEE Symposium on Security and Privacy Special 20th Anniversary Program, May 9-12, The Claremont Resort Berkeley, California (1999)Google Scholar
  6. 6.
    Amoroso, E.: Intrusion Detection, AT&T Laboratory, Intrusion Net Books (January 1999)Google Scholar
  7. 7.
    Wadlow, T.A.: The Process of Network Security. Addison-Wesley, Reading (2000)Google Scholar
  8. 8.
    Chi, S.D., et al.: Network Security Modeling and Cyber-attack Simulation Methodology. In: 6th Australian Conf. on Information Security and Privacy, Sydney. Lecture Notes on Computer Science series (July 2001)Google Scholar
  9. 9.
    Park, J.S., et al.: SECUSIM: A Tool for the Cyber-Attack Simulation. In: Qing, S., Okamoto, T., Zhou, J. (eds.) ICICS 2001. LNCS, vol. 2229, p. 471. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Zeigler, B.P.: Object-oriented Simulation with Hierarchical, Modular Models: Intelligent Agents and Endomorphic Systems. Academic Press, London (1990)zbMATHGoogle Scholar
  11. 11.
    Zeigler, B.P., Praehofer, H., Kim, T.G.: Theory of Modeling and Simulation, 2nd edn. Academic Press, London (1999)Google Scholar
  12. 12.
    Chi, S.D.: Model-Based Reasoning Methodology Using the Symbolic DEVS Simulation. TRANSACTIONS of the Society for Computer Simulation International 14(3), 141–151 (1996)Google Scholar
  13. 13.
    Zeigler, B.P., Chi, S.D.: Symbolic Discrete Event System Specification. IEEE Trans. on System, Man, and Cybernetics 22(6), 1428–1443 (1992)CrossRefGoogle Scholar
  14. 14.
    Chi, S.D., Lee, J.O., Kim, Y.K.: Using the SES/MB Framework to Analyze Traffic Flow. Trans. of Computer Simulation International 14(4) (December 1997)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Jong-Keun Lee
    • 1
  • Min-Woo Lee
    • 2
  • Jang-Se Lee
    • 3
  • Sung-Do Chi
    • 4
  • Syng-Yup Ohn
    • 4
  1. 1.Cartronics R&D CenterHyundai MOBISKorea
  2. 2.Cooperation of SenaKorea
  3. 3.The Division of Information Technology EngineeringKorea Maritime UniversityKorea
  4. 4.The Department of Computer EngineeringHangkong UniversityKorea

Personalised recommendations