Simulating cyber-attacks for fun and profit

Authors:
Ariel Futoransky;Fernando Miranda;José Orlicki;Carlos Sarraute
Affiliations:
Corelabs, Core Security Technologies;Corelabs, Core Security Technologies;Corelabs, Core Security Technologies and ITBA;Corelabs, Core Security Technologies and ITBA
Venue:
Proceedings of the 2nd International Conference on Simulation Tools and Techniques
Year:
2009

Citing 10
Cited 2

Security problems in the TCP/IP protocol suite

ACM SIGCOMM Computer Communication Review
Honeypots: Tracking Hackers

Honeypots: Tracking Hackers
Inside the Slammer Worm

IEEE Security and Privacy
VDE: Virtual Distributed Ethernet

TRIDENTCOM '05 Proceedings of the First International Conference on Testbeds and Research Infrastructures for the DEvelopment of NeTworks and COMmunities
Distributed Worm Simulation with a Realistic Internet Model

Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
RINSE: The Real-Time Immersive Network Simulation Environment for Network Security Exercises

Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Scalability, fidelity, and containment in the potemkin virtual honeyfarm

Proceedings of the twentieth ACM symposium on Operating systems principles
Large-scale vulnerability analysis

Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
A virtual honeypot framework

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Application-level simulation for network security

Proceedings of the 1st international conference on Simulation tools and techniques for communications, networks and systems & workshops

The impact of predicting attacker tools in security risk assessments

Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Simulating windows-based cyber attacks using live virtual machine introspection

Proceedings of the 2010 Summer Computer Simulation Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

We introduce a new simulation platform called Insight, created to design and simulate cyber-attacks against large arbitrary target scenarios. Insight has surprisingly low hardware and configuration requirements, while making the simulation a realistic experience from the attacker's standpoint. The scenarios include a crowd of simulated actors: network devices, hardware devices, software applications, protocols, users, etc. A novel characteristic of this tool is to simulate vulnerabilities (including 0-days) and exploits, allowing an attacker to compromise machines and use them as pivoting stones to continue the attack. A user can test and modify complex scenarios, with several interconnected networks, where the attacker has no initial connectivity with the objective of the attack. We give a concise description of this new technology, and its possible uses in the security research field, such as pen-testing training, study of the impact of 0-days vulnerabilities, evaluation of security countermeasures, and risk assessment tool.