CYBER SECURITY ANALYSIS TESTBED COMBINING REAL, EMULATION, AND

CYBER SECURITY ANALYSIS TESTBED COMBINING REAL, EMULATION, AND

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
1 of 6 CYBER SECURITY ANALYSIS TESTBED: COMBINING REAL, EMULATION, AND SIMULATION Brian Van Leeuwen, Vincent Urias, John Eldridge, Charles Villamarin, Ron Olsberg Sandia National Laboratories** Albuquerque, USA {bpvanle, veuria, jmeldri, chvilla, rrolsbe}@sandia.gov Abstract -- Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems of computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed novel methods to combine these evaluation platforms into a hybrid testbed that combines real, emulated, and simulated components. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a system of interest, it is critical to realistically represent the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single, unified computing platform. This provides an “experiment-in-a-box” capability. The result is rapidly-produced, large-scale, relatively low-cost, multi- fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations. I. INTRODUCTION Many systems used by organizations to support security, safety, and law enforcement depend on secure communication networks. Sophisticated applications used by authorities to effectively conduct their operation are becoming more reliant on networked information systems. Likewise many business organizations also depend on networked information systems to conduct their operations which, in cases, carry valuable proprietary information. Given the high value of the information carried by these information systems they are often targeted for attack. To protect these information systems from cyber-attack, the latest and most advanced security methods are used. Also important to securing these information systems are analysis methods and tools that measure the effectiveness of selected security approaches. Thus, tools are necessary for organizations to analyze their information systems’ security, reliability, and
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 6

CYBER SECURITY ANALYSIS TESTBED COMBINING REAL, EMULATION, AND

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online