Simulating Cyber-Attacks for Fun and Profit

Details Simulating Cyber-Attacks for Fun and Profit Simulating Cyber-Attacks for Fun and Profit

2010-06-09

arxiv.org/abs/1006.1919v1

International Conference on Simulation Tools and Techniques (SIMUTools) (2009)

Computer Science

Cryptography and Security

10 pages, 5 figures

Scientific paper

We introduce a new simulation platform called Insight, created to design and simulate cyber-attacks against large arbitrary target scenarios. Insight has surprisingly low hardware and configuration requirements, while making the simulation a realistic experience from the attacker's standpoint. The scenarios include a crowd of simulated actors: network devices, hardware devices, software applications, protocols, users, etc. A novel characteristic of this tool is to simulate vulnerabilities (including 0-days) and exploits, allowing an attacker to compromise machines and use them as pivoting stones to continue the attack. A user can test and modify complex scenarios, with several interconnected networks, where the attacker has no initial connectivity with the objective of the attack. We give a concise description of this new technology, and its possible uses in the security research field, such as pentesting training, study of the impact of 0-days vulnerabilities, evaluation of security countermeasures, and risk assessment tool.

Affiliated with

Also associated with

No associations

Rating

Simulating Cyber-Attacks for Fun and Profit does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Simulating Cyber-Attacks for Fun and Profit, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Simulating Cyber-Attacks for Fun and Profit will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-490330