Title :
Context Model Fusion for Multistage Network Attack Simulation
Author :
Moskal, Stephen ; Wheeler, B. ; Kreider, Derek ; Kuhl, Michael E. ; Yang, Shanchieh Jay
Author_Institution :
Rochester Inst. of Technol., Rochester, NY, USA
Abstract :
Analyzing and predicting complex network attack strategies require an efficient way to produce realistic and up-to-date data representing a variety of attack behaviors on diverse network configurations. This work develops a simulation system that fuses four context models: the networks, the system vulnerabilities, the attack behaviors, and the attack scenarios, so as to synthesize multistage attack sequences. The separation of different context models enables flexibility and usability in defining these models, as well as a comprehensive synthesis of attack sequences under different combinations of situations. After describing the design of the context models, an example use of the simulator and sample outputs, including the ground truth actions and sensor observables, will be discussed.
Keywords :
security of data; attack behaviors; complex network attack strategies; context model fusion; ground truth actions; multistage attack sequence synthesis; multistage network attack simulation; sensor observables; system vulnerabilities; Computational modeling; Computer crime; Context; Context modeling; IP networks; Servers;
Conference_Title :
Military Communications Conference (MILCOM), 2014 IEEE
Conference_Location :
Baltimore, MD
DOI :
10.1109/MILCOM.2014.32