Advanced Tools for Cyber Ranges
نویسندگان
چکیده
In response to the growing number and variety of cyber threats, the government, military, and industry are widely employing network emulation environments for cyber capability testing and cyber warfare training. These “cyber ranges” have been increasing in size and complexity to model the high-volume network traffic and sophisticated attacks seen on the Internet today. For cyber ranges to operate effectively and efficiently, organizations need tools to automate range operations, increase the fidelity of emulated network traffic, and visualize range activity. Lincoln Laboratory has developed a variety of such tools. » With the recent high-profile cyber attacks on government agencies, such as the U.S. Office of Personnel Management [1], and on companies, including Target, Home Depot, and Sony [2], the dangers of cyber attacks have gained national prominence. Cyber attacks threaten not only the security of personal data but also the national critical infrastructure, for example, power grids and transportation systems [3]. To mitigate the cyber threat, researchers are actively developing cyber defense tools. Before these tools can be deployed in corporate or military networks, they must be tested and validated in realistic environments. Simple tests conducted on developers’ computers are insufficient because these tests do not have the required level of realism. Needed are high-fidelity, surrogate networks (i.e., cyber ranges) in which we can introduce attackers, defenders, and defensive and offensive capabilities, and measure the performance of these capabilities in the hands of skilled network defenders pitted against realistic adversaries. To help create and operate these cyber ranges, tools are needed to (1) automate the configuration and generation of complex network environments; (2) create high-fidelity emulated user traffic on these networks; and (3) effectively operate and visualize the rich traffic environment being executed on the range during an event, i.e., a scenario to test capabilities or train personnel.
منابع مشابه
Plethora of Cyber Forensics
As threats against digital assets have risen and there is necessitate exposing and eliminating hidden risks and threats. The ability of exposing is called “cyber forensics.” Cyber Penetrators have adopted more sophistical tools and tactics that endanger the operations of the global phenomena. These attackers are also using anti-forensic techniques to hide evidence of a cyber crime. Cyber forens...
متن کاملAn Effective Attack-Resilient Kalman Filter-Based Approach for Dynamic State Estimation of Synchronous Machine
Kalman filtering has been widely considered for dynamic state estimation in smart grids. Despite its unique merits, the Kalman Filter (KF)-based dynamic state estimation can be undesirably influenced by cyber adversarial attacks that can potentially be launched against the communication links in the Cyber-Physical System (CPS). To enhance the security of KF-based state estimation, in this paper...
متن کاملCyber Threats Foresight Against Iran Based on Attack Vector
Cyber threats have been extraordinary increased in recent years. Cyber attackers, including government agencies or hackers, have made significant advances in the use of various tools for attacking target systems in some countries particularly on Islamic republic of Iran. The complexity of cyber threats and the devastating effects of them on critical systems highlights necessity of cyber thr...
متن کاملBest Practices in Computer Network Defense: Incident Detection and Response
" The book identifies the state-of-the-art tools and processes being used for cyber defense and highlights gaps in the technology. It presents the best practice of industry and government for incident detection and reponse and examines indicators and metrics for progress along the security continuum. "-Belfer Center (Harvard Kennedy School) The cyber security of vital infrastructure and service...
متن کاملEmploying Automated Management to Administer a Large-Scale E-Science Cyber-Infrastructure
E-Science cyber-infrastructures empower broad ranges of users by hiding the complexity of accessing advanced underlying infrastructure including high performance computers, high-speed networks, data streams and sensor networks. But due to their scale, running these systems in production has raised major system management challenges. In this paper, we discuss challenges of managing one such e-sc...
متن کامل