Abstract
The paper describes implementation issues of, and experiments with, the software tool “Attack Simulator”, intended for active assessment of computer network vulnerability at the design and deployment stages. The suggested approach is based on modeling of the malefactor’s intentions, ontology-based attack structuring, and state-machine specification of attack scenarios. The paper characterizes a generalized agent-based architecture of Attack Simulator. The generation of attacks against a computer network model and a real computer network is analyzed. Experiments demonstrating the efficiency of Attack Simulator in generating various attack scenarios against computer networks with different configurations and security policies are considered.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kotenko, I., Man’kov, E. (2003). Experiments with Simulation of Attacks against Computer Networks. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_15
DOI: https://doi.org/10.1007/978-3-540-45215-7_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40797-3
Online ISBN: 978-3-540-45215-7
eBook Packages: Springer Book Archive