Simulation model development in information security education

Quantified Score

Visualization

Abstract

The value of modeling and simulation for education, training, and testing in information security has been documented in several studies. In this paper, we suggest that it is important not only to include the general use of simulation in various courses of the security curriculum, but also to include the theory and development of simulation models. We describe briefly the general features of simulation models and tools for model development that we are using in computing education. A collection of educational simulation tools have been created in the OOPsim project, for developing discrete-event simulation models. The principal goal of this project is to develop newer simulation tools and approaches for education in computing. The Object Oriented Simulation Language, OOSimL, was recently developed with partial support from an NSF CPATH grant. Two object-oriented simulation models are discussed as typical examples discussed in a simulation course on security: a model of a distributed denial of service (DDoS) and a model of simple firewall system. These models were developed with educational simulation tools created in OOPsim project. We have also developed a course that emphasizes an approach to early introduction to object-oriented discrete-event simulation. The DDoS simulation model is implemented using the OOSimL simulation language. The Firewall simulation model was implemented in Java with the PsimJ2 object oriented simulation package; other models have been implemented in C++ using the Psim3 object oriented simulation package. The simulation tools and model development are very useful for educating and training students and professionals in information security, computer science, software engineering, information technology, and in other related disciplines.