Requirements and Issues in Cyberwarfare Simulation - PowerPoint PPT Presentation

Slides: 15
Provided by: tonym96

1
Requirements and Issues in Cyberwarfare Simulation
2
Introduction
  • Cyberwarfare: any type of hostile activity or
    defense involving computer systems, computer
    networks, and/or computerized databases
  • A subset of information assurance & security
  • Apparently, strategic and tactical advantages
    accrue to combatant able to successfully engage
    in cyberwarfare
  • Need defense against attack, attack assessment,
    attack response, operation under attack, attack
    resilience
  • Simultaneously, vulnerability of systems is
    increasing
      • Interconnectivity
      • System complexity
  • Distributed simulation can provide an environment
    for the development and evaluation of
    technologies for cyberwarfare operations

3
Issues & Problems
  • To date, ad hoc/point-wise defense solutions
  • Single operators and limited interaction during
    attack
  • Limited capability to detect & respond to
    large-scale attacks
  • No rigor
  • Difficult to gain insight into the strengths and
    weaknesses of defense capabilities
  • Evaluation only occurs after a real-world attack
  • Traditional offensive/defensive ratios/success
    expectations do not apply
  • Offense is inexpensive, defense is very expensive
  • Attacks are increasing in their sophistication
    and breadth
  • Cost of traditional testing and evaluation is
    prohibitive

4
Focus Areas/Insights
  • In the real world
  • Single intrusion detection systems,
    single-layered defenses, and human controlled
    responses are inadequate
  • Need to focus on development of
  • Distributed detection systems
  • Automated, intelligent responses
  • Improved command and control capabilities
  • Intrusion tolerant systems
  • Defensive layering technologies
  • Metrics for assessment of performance of a
    defensive technology/strategy
  • Cyberdefense system development environment

5
Why Distributed Simulation?
  • Computational scaling
  • Lower cost than real world
  • Standardized environment necessary to execute
    experiments
  • Ease problems associated with integrating new
    software
  • Real-time performance and interaction is
    required, which can't be achieved with a single
    system

6
Uses for Distributed Simulation
  • Experimentation
  • Training
  • Strategy and tactics development
  • Support development and analysis of analytic
    tools, decision support tools, and intelligent
    agents
  • Develop and evaluate tools for cyber command and
    control
  • Attack simulation
  • Metrics development, evaluation, and comparison

7
Cyberwarfare Simulation Requirements
  • The distributed simulation environment must
    support experimentation on tools and technologies
  • Support evaluation of strategies, tactics, and
    decision support systems
  • Provide a realistic portrayal of response to
    attack and defense
  • Provide a realistic model of network connectivity
    and computer hardware systems
  • Provide a realistic portrayal of the software in
    operation at each defending node
  • Provide realistic portrayal of the human behavior
    of commanders and information users

8
Cyberwarfare Simulation Requirements (cont.)
  • Common development environment
  • Host development, support analysis, support
    evaluation, and provide defense system
    development tools
  • HLA standards, FOM, and SOM support

9
Cyberwarfare Common Development Environment
  • Contains tools that guide the designer and developer
    in assembling defensive tools
  • Agents to provide assistance and evaluation
  • Common software architecture and design to enable
    rapid assembly
  • Support sharing/reuse of software and experience
  • Aid in development of a security-aware software
    architecture design methodology
  • Aid in data acquisition and analysis
  • Automate use and evaluation of metrics

10
Simulation Needs
  • Support experimentation on all defensive
    technologies
  • Evaluation of offensive and defensive strategies
    and tactics
  • Threat evaluation and vulnerability assessment
  • Realistic models of involved networks
  • Models of software activity
  • Models of infrastructure, vulnerabilities, and
    effect of attack
  • Human behavior models for attackers and defenders
  • Common development environment

11
Research Topics
  • Experimentation
  • Standardized, controlled environment
  • Strategic intrusion assessment tools
  • Collaborative mobile, intelligent agents
  • Detect, evaluate, manage
  • Collaborative intrusion detection tools
  • Human-human and agent-human
  • Attack modeling technologies
  • Metrics
  • Situation awareness tools
  • Models of human reaction to cyberattack
  • Defensive technology evaluation
  • Methods and procedures

12
Research Topics (cont.)
  • Ontology development
  • Degree of autonomy to be relegated to agents
  • Models of human instigators of harassment attacks
  • Visualization tools & data mining tools
  • Intent determination

13
HLA Issues
  • Cyberwarfare simulation introduces a new class of
    interactions
  • Modeling and simulation challenges
  • Bandwidth, computational resources, and database
    resources
  • Movement of attacking software, movement of
    attack indications, and movement of offensive and
    defensive command and control commands
  • Quality of service
  • Specifying activity, types of vulnerabilities,
    time required for an attack to succeed
  • Cyberwarfare simulation has characteristics of
    constructive, real-time, analysis, and
    engineering HLA environments
  • Aggregation and de-aggregation of attacked
    systems

14
Conclusions and Future Work
  • Distributed simulation can aid in development of
    cyberwarfare technologies
  • HLA should be used to support these simulation
    environments
  • Need to develop a set of use cases that describe
    cyberwarfare in broad
  • Reference FOM for cyberwarfare simulation