Automated Cyber-attack Scenario Generation Using the Symbolic Simulation

2005 ◽  
pp. 380-389 ◽  
Author(s):  
Jong-Keun Lee ◽  
Min-Woo Lee ◽  
Jang-Se Lee ◽  
Sung-Do Chi ◽  
Syng-Yup Ohn
Keyword(s):  
Scenario Generation ◽  
Cyber Attack ◽  
Symbolic Simulation ◽  
Attack Scenario

Cyber Situation Awareness through Instance-Based Learning

2012 ◽  
pp. 125-140 ◽  
Author(s):  
Varun Dutt ◽  
Cleotilde Gonzalez
Keyword(s):  
Situation Awareness ◽  
Risk Tolerance ◽  
Decision Support Tools ◽  
Cyber Attack ◽  
Security Analysts ◽  
Instance Based Learning ◽  
Security Analyst ◽  
Support Tools ◽  
Attack Scenario ◽  
Past Experiences

In a corporate network, the situation awareness (SA) of a security analyst is of particular interest. The current work describes a cognitive Instance-Based Learning (IBL) model of an analyst’s recognition and comprehension processes in a cyber-attack scenario. The IBL model first recognizes network events based upon events’ situation attributes and their similarity to past experiences (instances) stored in the model’s memory. Then, the model comprehends a sequence of observed events as being a cyber-attack or not, based upon instances retrieved from its memory, similarity mechanism used, and the model’s risk-tolerance. The execution of the model generates predictions about the recognition and comprehension processes of an analyst in a cyber-attack. A security analyst’s decisions in the model are evaluated based upon two cyber-SA metrics of accuracy and timeliness. The chapter highlights the potential of this research for design of training and decision support tools for security analysts.

Cyber threat assessment via attack scenario simulation using an integrated adversary and network modeling approach

2017 ◽  
Vol 15 (1) ◽  
pp. 13-29 ◽  
Author(s):  
Stephen Moskal ◽  
Shanchieh Jay Yang ◽  
Michael E Kuhl
Keyword(s):  
Network Security ◽  
Threat Assessment ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Network Defense ◽  
Knowledge Based ◽  
Attack Scenario ◽  
Cyber Threat ◽  
Scenarios Simulation ◽  
System Configurations

Existing research on cyber threat assessment focuses on analyzing the network vulnerabilities and producing possible attack graphs. Cyber attacks in real-world enterprise networks, however, vary significantly due to not only network and system configurations, but also the attacker’s strategies. This work proposes a cyber-based attacker behavior model (ABM) in conjunction with the Cyber Attack Scenario and Network Defense Simulator to model the interaction between the network and the attackers. The ABM leverages a knowledge-based design and factors in the capability, opportunity, intent, preference, and Cyber Attack Kill Chain integration to model various types of attackers. By varying the types of attackers and the network configurations, and simulating their interactions, we present a method to measure the overall network security against cyber attackers under different scenarios. Simulation results based on four attacker types on two network configurations are shown to demonstrate how different attacker behaviors may lead to different ways to penetrate a network, and how a single misconfiguration may impact network security.

scholarly journals Hierarchical Multi-Stage Cyber Attack Scenario Modeling Based on G&E Model for Cyber Risk Simulation Analysis

2020 ◽  
Vol 10 (4) ◽  
pp. 1426
Author(s):  
Myung Kil Ahn ◽  
Yong Hyun Kim ◽  
Jung-Ryun Lee
Keyword(s):  
Large Scale ◽  
Simulation Analysis ◽  
Cyber Attacks ◽  
Cyber Attack ◽  
Scenario Modeling ◽  
Course Of Action ◽  
Multi Stage ◽  
Attack Scenario ◽  
Analysis System ◽  
Large Scale Networks

With the advancement in cyber-defense capabilities, cyber attacks have continued to evolve like living creatures to breach security. Assuming the possibility of various enemy attacks, it is necessary to select an appropriate course of action by proactively analyzing and predicting the consequences of a particular security event. Cyber attacks, especially in large-scale military network environments, have a fatal effect on security; therefore, various experiments and analyses must be conducted to establish the necessary preparations. Herein, we propose a hierarchical multi-stage cyber attack scenario modeling based on the goal and effect (G&E) model and analysis system, which enables expression of various goals of attack and damage effects without being limited to specific type. The proposed method is applicable to large-scale networks and can be utilized in various scenario-based cyber combat experiments.

Real-Time Simulation of a Cyber-Attack Scenario on a Power Distribution Substation

2020 ◽  
Author(s):  
Estefano Soria ◽  
Justin E. Jackson ◽  
Hamdi Albunashee ◽  
Chris Farnell ◽  
H. Alan Mantooth
Keyword(s):  
Real Time ◽  
Power Distribution ◽  
Cyber Attack ◽  
Real Time Simulation ◽  
Time Simulation ◽  
Attack Scenario

Decision-making in crisis management of a serious digital incident: A garbage can approach

2020 ◽  
Vol 18 (6) ◽  
pp. 489-498
Author(s):  
Harald Fardal, PhD ◽  
Ann-Kristin Elstad, PhD
Keyword(s):  
Decision Making ◽  
Crisis Management ◽  
Large Scale ◽  
Analytical Framework ◽  
Decision Makers ◽  
Cyber Attack ◽  
Garbage Can Model ◽  
Management Personnel ◽  
Organizational Choice ◽  
Attack Scenario

Managing crisis challenges the ability to make numerous decisions under great uncertainty. This study address the decision-making process, and how the mix of involved individuals, prior knowledge, and available decision-makers forms the decisions made during a crisis. A large-scale exercise with a cyberattack scenario was chosen as the study’s case. The organization studied have highly skilled crisis management personnel; however, they are not used to manage a large-scale cyber-attack scenario. The garbage can model (GCM) of Organizational Choice with a few modifications is used as the analytical framework in the study.

Sign in / Sign up

Export Citation Format

Share Document