Cyber Attack Simulation for Operational Security Evaluation Using Coloured Petri Nets

Publish Year: 1391
نوع سند: مقاله ژورنالی
زبان: English
View: 165

This Paper With 19 Page And PDF Format Ready To Download

  • Certificate
  • من نویسنده این مقاله هستم

استخراج به نرم افزارهای پژوهشی:

لینک ثابت به این Paper:

شناسه ملی سند علمی:

JR_ITRC-4-3_005

تاریخ نمایه سازی: 23 فروردین 1401

Abstract:

Today, cyber attacks to computer networks have turned into a real challenge for network administrators. A wide range of methods have been used for attack modeling and security quantification. The most important drawback of the existing methods is that they are not based on real security-related information of networks. Our aim has been to overcome this drawback by using high-level modeling techniques and real security relevant information of systems. In this paper, we use coloured Petri nets (CPNs) for attack modeling. One of the objectives of this paper is to show the power and flexibility of CPNs for high-level attack modeling. In our work, the important elements of networks involved in cyber attacks, such as hosts, attackers, intrusion detection and prevention systems, servers and firewalls are modeled as reusable CPN sub-models. In other words, with the help of hierarchy and the abstraction provided by CPNs, we have proposed a framework for modeling and evaluation of the impacts of cyber attacks on networks. Through an illustrative example, we have modeled a sample network and some attack scenarios by using the security-relevant information extracted from open source vulnerability database (OSVDB). Finally, we have evaluated some security measures of a sample network.