Developing Simulated Cyber-Attack Scenarios Against Virtualized Adversary Networks
Abstract
Cyberspace Is recognized as a critical domain In modern warfare. The ability of military forces to maintain and
secure their own operational networks, while simultaneously degrading or denying the ability of adversaries to operate their
networks, ls a critical strategic objective for military planners and leaders. Conducting effective offensive cyber operations
(OCO) against sophisticated adversary networks requires the ability to develop, test, and rehearse cyber-attack actions
before they are employed operationally. This requirement Is well understood and practiced In the physical warfare domains,
where ships, aircraft and tanks can exercise their capabilities against physical targets; It Is not, however, well refined In the
cyber domain. This research Introduces a framework to address this need, and demonstrates a prototype for cyber-attack
scenario development and rehearsal In a virtual network environment. By extending the earlier work of the Naval
Postgraduate School's Malicious Activity Simulation Tool (MAST), a distributed client-server based software tool designed to
launch Inert malware attacks on live networks, we were able to demonstrate cyber-attack scenarios based on temporal
specificity and target discrimination as attack parameters. Our prototype accurately models an adversary network In a virtual
environment, providing the ability to develop cyber-attack actions to achieve specific cyber effects against hosts on the
Intended target network. The architecture allows cyber forces to rehearse specific cyber actions prior to launching a cyberattack,
In order to provide a more accurate assessment of the efficacy of these actions against a realistic model of the target
network. This framework allows military forces to better train and prepare for cyber operations to help achieve cyber
superiority In modern warfare.
Description
Proceedings of the 13th International Conference on Cyber Warfare and Security ICCWS 2018; Hosted By
National Defense University, Washington DC, USA; 8 - 9 March 2018.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
Developing simulated cyber attack scenarios against virtualized adversary networks
Aybar, Luis E. (Monterey, California: Naval Postgraduate School, 2017-03);Cyberspace is now recognized as a critical center of gravity for modern military forces. The ability to maintain operational networks, while degrading the enemy's network capability, is a key consideration for military ... -
ATTACK GRAPHS FOR MODELING AND SIMULATING SOPHISTICATED CYBER ATTACKS
Swiatocha, Travis L. (Monterey, CA; Naval Postgraduate School, 2018-06);The growing importance of the cyber domain to the military has created a need not only to train its cyber operators, but also to provide an environment for them to plan, develop, and rehearse cyber-attacks to determine ... -
Integrated cyber defenses towards cyber defense doctrine
Cloud, Donald W. (Monterey, California. Naval Postgraduate School, 2007-12);At the same time that the Department of Defense (DoD) has leveraged Network Centric Warfare concepts to increase the operational effectiveness of U.S. military forces and to gain decision superiority over adversaries, the ...