Network Security Modeling and Simulation, 10-9251
Printer Friendly VersionPrincipal Investigators
Arthur N. Rasmussen
Thomas G. Glass III
Erin L. Allwein
Thomas J. Eisenhut
Inclusive Dates: 04/01/01 - Current
Background - This project was undertaken to develop a new, innovative, and practical way to model computer networks for the analysis of computer network attack-and-defend scenarios. The new Age of Information is accompanied by new threats. Excerpts from recent headlines include: "Crisis," "Attacked Without Warning ... Perpetrator Unknown," "Millions of Dollars in Damages," "Defenses Ineffective," "FBI Attacked." These assaults on network systems result in millions of dollars damage in lost commerce, wasted time, disrupted services, and shaken confidence. It is not only a commercial problem. The government and other institutions are also at risk; for example, the Federal Bureau of Investigation's (FBI) computers were successfully attacked, and its web site shut down (the site is operated under contract by IBM Corporation). The Department of Defense is also extremely concerned. The issues and technologies of network system attack and defense are critical to the successful growth of commerce and national interests.
The Institute has a long record of successes in applying modeling and simulation approaches to information warfare and its derivative fields such as command and control warfare and electronic warfare. The Automation and Data Systems Division has a 10-year record of producing and deploying such technologies for defense organizations including the Joint Information Operations Center and the Air Force Information Warfare Center. This project seeks to establish SwRI as a strong leader in the next wave of information warfare: computer network attack and defense.
Approach - The work includes researching the approaches and techniques needed to use modeling and simulation methods for understanding and predicting the behavior of network systems and their levels of security. The goal of this project is to develop a prototype computer network model with sufficient functionality to demonstrate to potential clients that they could conduct analyses of computer attack and defense scenarios. Their feedback would be solicited to improve the model iteratively during the course of the project and provide avenues for exploitation during follow-on externally funded work.
Accomplishments - The initial phases of the project have been successfully completed. Internet research and meetings with computer network operations domain experts were held and the resulting information distilled into a working requirements document. A rapid prototyping development approach is being used to build the prototype software application. As part of the approach, an initial high-level design has been created. Also, work has begun on the initial implementation of software code and the integration of PEBBLE™ software produced under previous SwRI software development efforts.
