Computer systems and networks are exposed to attacks on a daily basis. IT technicians and information security practitioners must deploy protection technologies that proactively guard against and minimize the impact of successful attacks. Worms, viruses and targeted surgical strikes by skilled attackers must be taken into account. In a large, complex IT environment where implementing new security solutions is expensive and time-consuming, it is helpful to be able to simulate and test different network configurations prior to making deployment decisions or major network changes. However, there are no tools available today for effectively measuring the security in simulated networks. Current simulation solutions are either focused on areas other than security, or lack sufficient complexity or flexibility.
CoreLabs has addressed this problem by designing two simulation solutions:
Insight is a solution for interactively simulating networks of computer systems and launching attacks against either known or hypothetical vulnerabilities. Our simulation solution is designed to enable IT managers to evaluate the security of different network configurations and test different scenarios. This system permits changes in configurations and therefore enables effectively the testing of various network infrastructures.
Our research focuses on the interactive simulation of realistic scenarios where the simulated machines have the same observable behavior as real machines. Users are able to modify configurations, reproduce attacks and access the log data, which is produced by the auditing tools.
ITeSu or Impact Test Suite
ITeSu is a technology that supports several victim virtual machines, for vulnerable OSs and applications, and can manage which VMs are on/off from a centralized API.
- Simulating Cyber-Attacks for Fun and Profit
- Authors: Ariel Futoransky, Fernando Miranda, Jose Orlicki and Carlos Sarraute
- In: 2nd International Conference on Simulation Tools and Techniques (SIMUTools'09)
- Date published: 2009-03-02