ATTACK GRAPHS FOR MODELING AND SIMULATING SOPHISTICATED CYBER ATTACKS
Swiatocha, Travis L.
Shaffer, Alan B.
MetadataShow full item record
The growing importance of the cyber domain to the military has created a need not only to train its cyber operators, but also to provide an environment for them to plan, develop, and rehearse cyber-attacks to determine their effectiveness. The Malicious Activity Simulation Tool (MAST) is a Naval Postgraduate School–developed application designed to simulate cyber-attack scenarios on adversary networks. This thesis extends the capabilities of MAST by enabling the development of sophisticated cyber-attack scenarios. We define a methodology for formally modeling cyber-attacks, simulating their execution, and observing their effects on virtualized adversary networks. Our methodology decomposes a cyber-attack graph into atomic events, represented as a finite state machine. We simulate the execution of the state machine utilizing MAST on a virtualized adversary network, which allows us to observe the entire attack sequence and the effects achieved on the target by the attack. We demonstrate our methodology stepping through the attack development from its high-level objectives, down to its state machine that we simulate utilizing MAST. Finally, we demonstrate our ability to successfully simulate a sophisticated denial-of-service attack scenario on an adversary target.
Approved for public release. distribution is unlimited
Showing items related by title, author, creator and subject.
Aybar, Luis E. (Monterey, California: Naval Postgraduate School, 2017-03);Cyberspace is now recognized as a critical center of gravity for modern military forces. The ability to maintain operational networks, while degrading the enemy's network capability, is a key consideration for military ...
Nicholas, Paul J.; Alderson, David L. (Monterey, California. Naval Postgraduate School, 2015-02); NPS-OR-15-002Wireless mesh networks (WMNs) are interconnected systems of wireless access points (APs) that provide untethered network connectivity for a group of users who require data, voice, and/or video communication. The wireless ...
Michael, Robert J.; Staples, Zachary H. (Monterey, California. Naval Postgraduate School, 2003-03);The Information Age empowers individuals, and affords small groups an opportunity to attack states' interests with an increasing variety of tactics and great anonymity. Current strategies to prevail against these emerging ...