ATTACK GRAPHS FOR MODELING AND SIMULATING SOPHISTICATED CYBER ATTACKS
Download
Author
Swiatocha, Travis L.
Date
2018-06Advisor
Shaffer, Alan B.
Singh, Gurminder
Metadata
Show full item recordAbstract
The growing importance of the cyber domain to the military has created a need not only to train its cyber operators, but also to provide an environment for them to plan, develop, and rehearse cyber-attacks to determine their effectiveness. The Malicious Activity Simulation Tool (MAST) is a Naval Postgraduate School–developed application designed to simulate cyber-attack scenarios on adversary networks. This thesis extends the capabilities of MAST by enabling the development of sophisticated cyber-attack scenarios. We define a methodology for formally modeling cyber-attacks, simulating their execution, and observing their effects on virtualized adversary networks.
Our methodology decomposes a cyber-attack graph into atomic events, represented as a finite state machine. We simulate the execution of the state machine utilizing MAST on a virtualized adversary network, which allows us to observe the entire attack sequence and the effects achieved on the target by the attack. We demonstrate our methodology stepping through the attack development from its high-level objectives, down to its state machine that we simulate utilizing MAST. Finally, we demonstrate our ability to successfully simulate a sophisticated denial-of-service attack scenario on an adversary target.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Related items
Showing items related by title, author, creator and subject.
-
Developing simulated cyber attack scenarios against virtualized adversary networks
Aybar, Luis E. (Monterey, California: Naval Postgraduate School, 2017-03);Cyberspace is now recognized as a critical center of gravity for modern military forces. The ability to maintain operational networks, while degrading the enemy's network capability, is a key consideration for military ... -
Designing interference-robust wireless mesh network using a defender-attacker-defender model
Nicholas, Paul J.; Alderson, David L. (Monterey, California. Naval Postgraduate School, 2015-02); NPS-OR-15-002Wireless mesh networks (WMNs) are interconnected systems of wireless access points (APs) that provide untethered network connectivity for a group of users who require data, voice, and/or video communication. The wireless ... -
SIGNALING FOR COERCION IN CYBERSPACE
Longabaugh, Eric E. (Monterey, CA; Naval Postgraduate School, 2020-12);In order for signaling to work on an adversary with a coercive purpose, one must convey to the adversary a strong capability and sufficient credibility. The reason deterrence worked in the Gulf War was that U.S. policymakers ...