ATTACK SIMULATION
Computer systems and networks are exposed to attacks on a daily basis. IT technicians and information security practitioners must deploy protection technologies that proactively guard against and minimize the impact of successful attacks. Worms, viruses and targeted surgical strikes by highly skilled attackers must be taken into account. In a large, complex IT environment where implementing new security solutions is expensive and time-consuming, it is helpful to be able to simulate and test different network configurations prior to making deployment decisions or major network changes. However, there are no tools available today for effectively measuring the security in simulated networks. Current simulation solutions are either focused on areas other than security, or lack sufficient complexity or flexibility.
CoreLabs has addressed this problem by designing a solution for interactively simulating networks of computer systems and launching attacks against either known or hypothetical vulnerabilities. Our simulation solution is designed to enable IT managers to evaluate the security of different network configurations and test different scenarios. This system permits quick changes in configurations and therefore enables effectively the testing of various network infrastructures.
Our research focuses on the interactive simulation of realistic scenarios where the simulated machines have the same observable behavior as real machines. Users are able to modify configurations, reproduce attacks and access the log data, which is produced by the auditing tools. This solution utilizes the same conceptual model as Attack Planning.
Project Resources:
 |
Carlos Sarraute and Alejandro Weil,
"Advances in Automated Attack Planning",
PacSec Conference, Tokyo, Japan, November 12/13, 2008. |
|
Carlos Sarraute, Fernando Miranda and Jose Orlicki,
"Simulation of Computer Network Attacks",
Argentine Symposium on Computing Technology (AST) 2007 - 36 JAIIO,
August 30/31, 2007. |
« Back to Projects List