Building an emulation environment for cyber security analyses of complex networked systems

Proceedings of the 20th International Conference on Distributed Computing and Networking Pub Date : 2018-10-23 DOI:10.1145/3288599.3288618

F. D. Tanasache, Mara Sorella, Silvia Bonomi, Raniero Rapone, Davide Meacci

{"title":"Building an emulation environment for cyber security analyses of complex networked systems","authors":"F. D. Tanasache, Mara Sorella, Silvia Bonomi, Raniero Rapone, Davide Meacci","doi":"10.1145/3288599.3288618","DOIUrl":null,"url":null,"abstract":"Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly growing, and the testing and experimentation of cyber defense solutions requires the availability of separate, test environments that best emulate the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, thus enabling the study of cyber defense strategies under real and controllable traffic and attack scenarios. In this paper, we propose a methodology that makes use of a combination of techniques of network and security assessment, and the use of cloud technologies to build an emulation environment with adjustable degree of affinity with respect to actual reference networks or planned systems. As a byproduct, starting from a specific study case, we collected a dataset consisting of complete network traces comprising benign and malicious traffic, which is feature-rich and publicly available.","PeriodicalId":346177,"journal":{"name":"Proceedings of the 20th International Conference on Distributed Computing and Networking","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 20th International Conference on Distributed Computing and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3288599.3288618","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly growing, and the testing and experimentation of cyber defense solutions requires the availability of separate, test environments that best emulate the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, thus enabling the study of cyber defense strategies under real and controllable traffic and attack scenarios. In this paper, we propose a methodology that makes use of a combination of techniques of network and security assessment, and the use of cloud technologies to build an emulation environment with adjustable degree of affinity with respect to actual reference networks or planned systems. As a byproduct, starting from a specific study case, we collected a dataset consisting of complete network traces comprising benign and malicious traffic, which is feature-rich and publicly available.

查看原文本刊更多论文

构建复杂网络系统网络安全仿真分析环境

由于构成网络的节点数量迅速增加，计算机网络正经历着惊人的增长。与此同时，Internet和intranet网络上的安全威胁数量不断增长，网络防御解决方案的测试和实验需要可用的独立测试环境，以最好地模拟真实系统的复杂性。这些环境支持复杂任务驱动网络场景的部署和监控，从而研究真实可控的流量和攻击场景下的网络防御策略。在本文中，我们提出了一种方法，该方法利用网络和安全评估技术的组合，并使用云技术来构建相对于实际参考网络或计划系统具有可调亲和度的仿真环境。作为副产品，从一个特定的研究案例开始，我们收集了一个由完整的网络痕迹组成的数据集，包括良性和恶意流量，该数据集功能丰富且公开可用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 20th International Conference on Distributed Computing and Networking

自引率

0.00%

发文量