ABSTRACT
Dynamic and moving target defenses are generally characterized by their ability to modify their own state, or the state of the protected target. As such, the evolution of these kinds of defenses requires specialized experiments that can capture their behavior and effectiveness through time, as well as their broader impacts in the network. While specialized experiments can be constructed to evaluate specific defenses, there is a need for a general approach that will facilitate such tasks. In this work we introduce VINE, a high-fidelity cyber experimentation environment designed for the study and evaluation of dynamic and moving target defenses. VINE provides a common infrastructure supporting the construction, deployment, execution, and monitoring of complex mission-driven network scenarios that are fully instrumented. The tool was designed to be scalable, extensible, and highly configurable to enable the study of cyber defense strategies under dynamic background traffic and attack conditions, making VINE well-suited for the study of adaptive and moving target defenses. In this paper we introduce the VINE approach and the VINE architecture for MTD experimentation, and provide an illustrative example of the framework in action.