Cyber Threats Impact on Mission (CyTIM): Systems Integration Results
Abstract
A hybrid approach of mission simulation modeling integrated with a virtual environment to measure a cyber attacks effect on mission is demonstrated. While existing testbeds aim to support malware and network infrastructure experimentation, this study extends these capabilities with a mission-modeling and control layer that allows the collection of data not only on malicious softwares impact on network infrastructure, but also on the networks mission analysts and their ability to complete assigned tasks. The operations center use case employed demonstrates that a notional denial-of-service attack on a key router cripples the operators mission and delays task processing for hours, specifically 2 to 8 hour delays when chat is used as a mode of communication versus 4 to 12 hour delays when email is used to communicate. The metric end-to-end mission thread response time is demonstrated to help quantify an attacks severity and could help quantify the success of defenses as well as support a training environment for analysts.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 01, 2011
- Accession Number
- AD1108471
Entities
People
- Jennifer J. Mathieu
- John H. James
- Joshua J. Kraunelis
Organizations
- MITRE Corporation