Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
Honeypots: Tracking Hackers
IEEE Security and Privacy
VDE: Virtual Distributed Ethernet
TRIDENTCOM '05 Proceedings of the First International Conference on Testbeds and Research Infrastructures for the DEvelopment of NeTworks and COMmunities
Distributed Worm Simulation with a Realistic Internet Model
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
RINSE: The Real-Time Immersive Network Simulation Environment for Network Security Exercises
Proceedings of the 19th Workshop on Principles of Advanced and Distributed Simulation
Scalability, fidelity, and containment in the potemkin virtual honeyfarm
Proceedings of the twentieth ACM symposium on Operating systems principles
Large-scale vulnerability analysis
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Application-level simulation for network security
Proceedings of the 1st international conference on Simulation tools and techniques for communications, networks and systems & workshops
The impact of predicting attacker tools in security risk assessments
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Simulating windows-based cyber attacks using live virtual machine introspection
Proceedings of the 2010 Summer Computer Simulation Conference
Hi-index | 0.00 |
We introduce a new simulation platform called Insight, created to design and simulate cyber-attacks against large arbitrary target scenarios. Insight has surprisingly low hardware and configuration requirements, while making the simulation a realistic experience from the attacker's standpoint. The scenarios include a crowd of simulated actors: network devices, hardware devices, software applications, protocols, users, etc. A novel characteristic of this tool is to simulate vulnerabilities (including 0-days) and exploits, allowing an attacker to compromise machines and use them as pivoting stones to continue the attack. A user can test and modify complex scenarios, with several interconnected networks, where the attacker has no initial connectivity with the objective of the attack. We give a concise description of this new technology, and its possible uses in the security research field, such as pen-testing training, study of the impact of 0-days vulnerabilities, evaluation of security countermeasures, and risk assessment tool.