Modeling and simulation at the service of cyber security
Vahur Kotkas
IoC, dept. of Computer Science
Security issues
Availability
Privacy
Integrity
Maintainability
How to defend ourselves
Be prepared (planning and build-up):
carry out analysis,
deploy reasonable equipment,
purchase special equipment and prepare tools for
intrusion detection,
data-mining,
blacklist management and exchange,
filtering,
logging,
configure the equipment properly,
reserve some resources just in case,
Have trained staff (education)
What kind of activities are needed?
Educational simulations
Network deployment planning
Topology, equipment, configuration
Usage optimization
Resource consumption analysis
Protocols, routing algorithms, configurations, ...
Hardware, services
Attack simulations
Malware spread simulation
Service availability simulations
Do it all on top of a realistic model of Estonian Internet
Different levels of activities
High-level management
Mid-level technical solutions
Low-level real life
What is available?
A number of existing tools for network simulation:
OPNET, OMNeT++, NS, Netscale, Netwiser, J-Sim, PARSEC, QualNet, SSF, ...
A number of model (network topology) generators:
BRITE, Inet, Topgen, ReaSE, ...
What do we do?
Modeling and simulation platform – CoCoViLa (http://www.cs.ioc.ee/cocovila)
High-level behaviour descriptions
Combined simulators
Hierarchical visual composition
Expert-systems
Discrete event based simulation
Continuous-time simulation
Visualisation
Tools for different activity levels DEMO
Situation Analysis by Jüri Kivimaa et al.
Attack Trees by a number of people, including Ahto Buldas, Aivo Jürgenson, Jan Willemson, etc.
HNS (Hybrid Network Simulator) by Andres Ojamaa
GrADAR (Graph-based Automated Denial-of-Service Attack Response) by Gabriel Klein et al.
EIM (Model of Estonian Internet) by Andres Ojamaa et al.