Simulation of Computer Network Attacks
Carlos Sarraute (1, 2), Fernando Miranda (1), Jose I. Orlicki (1, 2) ((1) CoreLabs, Core Security Technologies, (2) ITBA (Instituto Tecnologico de Buenos Aires))

TL;DR
This paper introduces a prototype for simulating large-scale computer network attacks, based on real-world intrusion models, to help understand attack dynamics from an attacker's perspective.
Contribution
It presents a novel simulation framework that models vulnerabilities and exploits as communication channels, enabling realistic large network attack scenarios.
Findings
Successfully simulates networks with thousands of hosts.
Provides a new conceptual model for attack analysis.
Demonstrates applications in attack scenario testing.
Abstract
In this work we present a prototype for simulating computer network attacks. Our objective is to simulate large networks (thousands of hosts, with applications and vulnerabilities) while remaining realistic from the attacker's point of view. The foundation for the simulator is a model of computer intrusions, based on the analysis of real-world attacks. In particular, we show how to interpret vulnerabilities and exploits as communication channels. This conceptual model gives a tool to describe the theater of operations, targets, actions and assets involved in multistep network attacks. We conclude with applications of the attack simulator.
Taxonomy
Topics: Network Security and Intrusion Detection · Advanced Malware Detection Techniques · Information and Cyber Security
