Cyber Attack Simulation for Operational Security Evaluation Using Coloured Petri Nets
سال انتشار: 1391
نوع سند: مقاله ژورنالی
زبان: انگلیسی
مشاهده: 171
فایل این مقاله در 19 صفحه با فرمت PDF قابل دریافت می باشد
- صدور گواهی نمایه سازی
- من نویسنده این مقاله هستم
استخراج به نرم افزارهای پژوهشی:
شناسه ملی سند علمی:
JR_ITRC-4-3_005
تاریخ نمایه سازی: 23 فروردین 1401
چکیده مقاله:
Today, cyber attacks to computer networks have turned into a real challenge for network administrators. A wide range of methods have been used for attack modeling and security quantification. The most important drawback of the existing methods is that they are not based on real security-related information of networks. Our aim has been to overcome this drawback by using high-level modeling techniques and real security relevant information of systems. In this paper, we use coloured Petri nets (CPNs) for attack modeling. One of the objectives of this paper is to show the power and flexibility of CPNs for high-level attack modeling. In our work, the important elements of networks involved in cyber attacks, such as hosts, attackers, intrusion detection and prevention systems, servers and firewalls are modeled as reusable CPN sub-models. In other words, with the help of hierarchy and the abstraction provided by CPNs, we have proposed a framework for modeling and evaluation of the impacts of cyber attacks on networks. Through an illustrative example, we have modeled a sample network and some attack scenarios by using the security-relevant information extracted from open source vulnerability database (OSVDB). Finally, we have evaluated some security measures of a sample network.
کلیدواژه ها:
Cyber attacks ، attack modeling ، coloured Petri nets (CPNs) ، availability evaluation ، simulation ، CPN Tools