Agent-based simulation for assessing network security risk due to unauthorized hardware
نویسندگان
چکیده
Computer networks are present throughout all sectors of our critical infrastructure and these networks are under a constant threat of cyber attack. One prevalent computer network threat takes advantage of unauthorized, and thus insecure, hardware on a network. This paper presents a prototype simulation system for network risk assessment that is intended for use by administrators to simulate and evaluate varying network environments and attacker/defender scenarios with respect to authorized and unauthorized hardware. The system is built on the agent-based modeling paradigm and captures emergent system dynamics that result from the interactions of multiple network agents including regular and administrator users, attackers, and defenders in a network environment. The agent-based system produces both metrics and visualizations that provide insights into network security risk and serve to guide the search for efficient policies and controls to protect a network from attacks related to unauthorized hardware. The simulation model is unique in the current literature both for its network threat model and its visualized agentbased approach. We demonstrate the model via a case study that evaluates risk for several candidate security policies on a representative computer network.
منابع مشابه
Risk Analysis and Economic Load Dispatch Evaluation of Network with High Wind Power Penetration
This study based on investigation for integration wind power into conventional power system with its impact on fossil fuel generators and their generation management. Wind power as environmental friendly energy source can reduce the operational cost of the system due to considering no cost for energizing the generator in comparing with fossil fuel generators. However due to unpredictable nature...
متن کاململزومات امنیتی پیادهسازی IMS SIP سرور امن
IMS (IP Multimedia Subsystem) network is considered as an NGN (Next Generation Network) core networks by ETSI. Decomposition of IMS core network has resulted in a rapid increase of control and signaling message that makes security a required capability for IMS commercialization. The control messages are transmitted using SIP (Session Initiation Protocol) which is an application layer protocol. ...
متن کاملUsing network processor to establish security agent for AODV routing protocol
Network processor (NP) is optimized to performnetwork tasks. It uses massive parallel processing architecture to achieve high performance. Ad hoc network is an exciting research aspect due to the characters of self-organization, dynamically topology and temporary network life. However, all the characters make the security problem more serious. Denial-of-Service (DoS) attack is the main puzzle i...
متن کاملEvolutionary Algorithm Approaches for Detecting Computer Network Intrusion ( Extended
Attacks against computer networks are becoming more sophisticated, with adversaries using new attacks or modifying existing attacks. With increased global interconnectivity, reliance on e-commerce, network services, and Internet communication, computer security has become a necessity. Organizations must protect their systems from intrusion and computer-virus attacks. Such protection must detect...
متن کاملA multi agent method for cell formation with uncertain situation, based on information theory
This paper assumes the cell formation problem as a distributed decision network. It proposes an approach based on application and extension of information theory concepts, in order to analyze informational complexity in an agent- based system, due to interdependence between agents. Based on this approach, new quantitative concepts and definitions are proposed in order to measure the amount of t...
متن کامل