Attack Graphs for Modeling and Simulating Sophisticated Cyber Attack

Abstract

The growing importance of the cyber domain to the military has created a need not only to train its cyber operators, but also to provide an environment for them to plan, develop, and rehearse cyber-attacks to determine their effectiveness. The Malicious Activity Simulation Tool (MAST) is a Naval Postgraduate School-developed application designed to simulate cyber-attack scenarios on adversary networks. This thesis extends the capabilities of MAST by enabling the development of sophisticated cyber-attack scenarios. We define a methodology for formally modeling cyber-attacks, simulating their execution, and observing their effects on virtualized adversary networks. Our methodology decomposes a cyber-attack graph into atomic events, represented as a finite state machine. We simulate the execution of the state machine utilizing MAST on a virtualized adversary network, which allows us to observe the entire attack sequence, and the effects achieved on the target by the attack. We demonstrate our methodology by stepping through the attack development from its high-level objectives, down to its state machine that we simulate utilizing MAST. Finally, we demonstrate our ability to successfully simulate a sophisticated denial-of-service attack scenario on an adversary target.

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2018
Accession Number
AD1060078

Entities

People

  • Travis L. Swiatocha

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • C4I
  • Cyber
  • Energy and Power Technologies
  • Ground and Sea Platforms

DTIC Thesaurus Topics

  • Command And Control
  • Computer Network Security
  • Computer Networks
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computers
  • Cyberattacks
  • Cybersecurity
  • Cyberspace Operations
  • Denial Of Service Attack
  • Detection
  • Graphical User Interface
  • Information Systems
  • Internet
  • Intrusion Detection
  • Intrusion Detectors
  • Local Area Networks
  • Malware
  • Network Topology
  • Operating Systems
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Computational Modeling and Simulation
  • Irregular Warfare and Special Operations Cyberspace Operations against Adversarial Threats.
  • Naval Mine Countermeasure Systems Development.

Technology Areas

  • Cyber