DOCSLIB.ORG

Problem Abstraction in Cyber Simulation for Threat Assessment

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Problem Abstraction in Cyber Simulation for Threat Assessment CAN UNCLASSIFIED Analysis of Autonomous Cyber Operation Simulation Environments Delfin Montano Solana Networks Inc. Prepared by: Delfin Montano Solana Networks Inc. via General Dynamics Mission Systems–Canada 1941 Robertson Road Ottawa, Ontario K2H 5B7 PSPC Contract Number: W7714-115274/001/SV Technical Authority: Adrian Taylor, Defence Scientist Contractor's date of publication: September 2019 Defence Research and Development Canada Contract Report DRDC-RDDC-2019-C257 Novembere 2019 CAN UNCLASSIFIED CAN UNCLASSIFIED IMPORTANT INFORMATIVE STATEMENTS This document was reviewed for Controlled Goods by Defence Research and Development Canada using the Schedule to the Defence Production Act. Disclaimer: This document is not published by the Editorial Office of Defence Research and Development Canada, an agency of the Department of National Defence of Canada but is to be catalogued in the Canadian Defence Information System (CANDIS), the national repository for Defence S&T documents. Her Majesty the Queen in Right of Canada (Department of National Defence) makes no representations or warranties, expressed or implied, of any kind whatsoever, and assumes no liability for the accuracy, reliability, completeness, currency or usefulness of any information, product, process or material included in this document. Nothing in this document should be interpreted as an endorsement for the specific use of any tool, technique or process examined in it. Any reliance on, or use of, any information, product, process or material included in this document is at the sole risk of the person so using it or relying on it. Canada does not assume any liability in respect of any damages or losses arising out of or in connection with the use of, or reliance on, any information, product, process or material included in this document. Template in use: EO Publishing App for CR-EL Eng 2019-01-03-v1.dotm © Her Majesty the Queen in Right of Canada (Department of National Defence), 2019 © Sa Majesté la Reine en droit du Canada (Ministère de la Défense nationale), 2019 CAN UNCLASSIFIED ARMOUR Task 11 Document # CAD00010262 SOLANA NETWORKS ANALYSIS OF AUTONOMOUS CYBER OPERATIONS SIMULATION ENVIRONMENTS This document was prepared by General Dynamics Mission Systems – Canada under Public Works and Government Service Canada Contract No. W7714-115274/001/SV. Use and dissemination of the information herein shall be in accordance with the Terms and Conditions Contract No. W7714- 115274/001/SV. Prepared By: General Dynamics Mission Systems–Canada 1941 Robertson Road Ottawa, Ontario K2H 5B7 Date: 16 September 2019 Reference No.: HCJ RELEASE RECORD Approver Role Approver Name Approval Date DPME Mike Gingell 16 September 2019 Project Manager Karen Arsenault 16 September 2019 REVISION STATUS SHEET Revision Date Comments CAD00010262 Baseline 16 September 2019 Initial Release Preliminary Research Investigation Report Analysis of Autonomous Cyber Operation Simulation Environments Version 2.1 List of Authors Delfin Y. Montuno [email protected] Abstract Autonomous Cyber Operations is an important area of research and so is having a simulation and modeling tool that can optimize, assess, and enable exploration of strategic autonomic algorithms, especially against adversarial artificial intelligent agents in the network supporting mission critical operations. To assist in informing decisions about procuring or developing cyber simulation environments for the purpose of automated cyber operation experimentation, we investigate existing literature for cyber simulation solution theories, methods, tools, and results, and categorize them according to their simulation objectives by analyzing their key characteristics, including problem abstraction issues. Based on the investigation results, we formulate an attributes enumeration template for analyzing simulation environments in generic terms, and illustrate the application of the attribute template to selected solutions. Next we tailor the attributes enumeration template for analyzing solutions that deal with assessing security posture with intelligent actors, both benign and adversarial, and illustrate the application of the goal-specific attributes enumeration template to selected solutions. Finally we discuss sample building block solutions and propose a simple buy or build decision making process for obtaining cyber simulation environments. Résumé L’émergence de la opérations autonomes en ligne en tant que domaine de recherche important a entraîné le besoin d’outils de simulation et de modélisation qui peuvent optimiser, évaluer et permettre l’exploration d’algorithmes stratégiques autonomes. Ces algorithmes permettraient aux systèmes de protéger les opérations essentielles à la mission contre les agents intelligents artificiels adverses déployés sur le réseau. Pour éclairer les décisions concernant l’acquisition ou le développement d’environnements de cybersimulation à des fins d’expérimentation de cyberopérations automatisées, nous examinons la documentation existante sur les théories, méthodes, outils et résultats des solutions de cybersimulation. Nous classons les travaux existants en fonction de leurs objectifs de simulation en analysant leurs caractéristiques clés, y compris les problèmes d’abstraction. À partir des résultats de l’enquête, nous formulons un modèle d’énumération des attributs pour analyser les environnements de simulation en termes génériques et illustrons l’application du modèle d’attributs à des solutions choisies. Ensuite, nous adaptons le modèle d’énumération des attributs pour analyser les solutions qui traitent de l’évaluation de la posture de sécurité pour les scénarios impliquant des acteurs intelligents, tant bénins que conflictuels. Nous illustrons l’application du gabarit d’énumération des attributs propres aux objectifs à des solutions choisies. Enfin, nous discutons d’exemples de solutions de base et proposons un processus de prise de décision simple d’achat ou de construction pour l’obtention d’environnements de cybersimulation. Table of Contents LIST OF TABLES .......................................................................................................... VII LIST OF FIGURES ........................................................................................................ VIII 1. INTRODUCTION ................................................................................................ 1 1.1 Background ..................................................................................................... 1 1.2 Objective ......................................................................................................... 2 1.3 Cyber Security Simulation and Modeling......................................................... 4 1.4 A Characteristics Analysis Framework ............................................................ 5 1.5 Attributes of a Cyber Security Simulation Environment (CSSE) ...................... 7 1.5.1 Technical Attributes – Simulation and Modeling Support ........................... 7 1.5.2 Quality Attributes ........................................................................................ 9 2. SUMMARY OF CSSES REVIEW .................................................................... 11 2.1 Attack Related Solutions ............................................................................... 11 2.2 Defense Related Solutions ............................................................................ 13 2.3 Cyber Solution Enablers ................................................................................ 19 2.4 Applications ................................................................................................... 23 2.5 Others ........................................................................................................... 27 3. APPLICATION OF ATTRIBUTES ENUMERATION TO DIFFERENT PROBLEMS ................................................................................................... 28 3.1 Sample Attributes Enumeration Results a Using Generic Template ............. 28 3.1.1 Red Teaming Simulation [Applebaum-2016]............................................ 28 3.1.2 Simulation for Deception [Durkota-2016] ................................................. 30 3.1.3 Simulation with Learning [Elderman-2017]............................................... 31 3.1.4 Simulation for Assessment [Moskal-2018] ............................................... 32 3.1.5 Cyber-Physical Simulation [Niu-2015] ...................................................... 33 3.1.6 Gamified Learning Simulation [Gallagher-2017 and Morton-2018] .......... 34 3.1.7 Breach and Attack Simulation [SafeBreach-2017] ................................... 35 3.2 CSSE Specific Attributes Enumeration Template for Security Posture Applications .................................................................................................. 36 3.2.1 Assessing Security Posture Specific Issues............................................. 37 3.2.2 Assessing Most Security Posture Issues ................................................. 39 3.2.2.1 Protection as the Only Key Security Posture Issue .............................. 41 3.2.3 Attributes Enumeration Template for Security Posture Assessment CSSE ....................................................................................................... 43 3.3 To Build or Buy a Cyber Range Solution for Security Status Assessment .................................................................................................
Load more

Recommended publications
  • Android Studio Development Essentials Android 7 Edition Android Studio Development Essentials – Android 7 Edition
    Android Studio Development Essentials Android 7 Edition Android Studio Development Essentials – Android 7 Edition ISBN-13: 978-1535425339 © 2016 Neil Smyth. All Rights Reserved. This book is provided for personal use only. Unauthorized use, reproduction and/or distribution strictly prohibited. All rights reserved. The content of this book is provided for informational purposes only. Neither the publisher nor the author offers any warranties or representation, express or implied, with regard to the accuracy of information contained in this book, nor do they accept any liability for any loss or damage arising from any errors or omissions. This book contains trademarked terms that are used solely for editorial purposes and to the benefit of the respective trademark owner. The terms used within this book are not intended as infringement of any trademarks. Rev: 1.0 Table of Contents 1. Introduction ......................................................................................................................................... 1 1.1 Downloading the Code Samples ........................................................................................................... 2 1.2 Download the eBook ............................................................................................................................ 2 1.3 Feedback .............................................................................................................................................. 2 1.4 Errata ...................................................................................................................................................
    [Show full text]
  • Emulation Framework Test Report Release 1.1.0 (PDF
    Keeping Emulation Environments Portable FP7-ICT-231954 Test description and results document for Emulation Framework Deliverable number D2.4 Nature Report Dissemination level PU (public) Delivery date Due: M35 (December 2011) Actual: M36 (January 2012) Status Final Work package number WP2 Lead beneficiary KB Author(s) Bart Kiers (KB) Jeffrey van der Hoeven (KB) D2.4 Test description and results document for Emulation Framework Document history Revisions Version Date Author Changes 0.1 21-04-2011 Bart Kiers (KB) Initial version 0.2 10-12-2011 Bart Kiers (KB) Added test results 0.3 23-12-2011 Bart Kiers (KB) Added notes from Jeffrey about feedback KEEP workshops. Made it review ready 0.4 30-12-2011 Bart Kiers (KB) Added review comments from Winfried Bergmeyer 0.5 05-01-2012 Bart Kiers (KB) Added review comments from Marcus Dindorf 0.6 10-01-2012 Jeffrey van der Hoeven (KB) Adjusted template to standard deliverable output 1.0 13-01-2012 Jeffrey van der Hoeven (KB) Finalised document 1.1 17-01-2012 Jeffrey van der Hoeven (KB) Changed wording about KVM KEEP_WP2_D2.4 2/38 D2.4 Test description and results document for Emulation Framework Reviews Date Name Result 27-12-2011 Winfried Bergmeyer (CSM) Approved with minor changes 30-12-2011 Marcus Dindorf (DNB) Approved with major changes Signature/Approval Approved by (signature) Date Accepted by at European Commission (signature) Date KEEP_WP2_D2.4 3/38 D2.4 Test description and results document for Emulation Framework Executive Summary This document describes how tests with the Emulation Framework (EF) version 1.0.0 were performed and the results of those tests.
    [Show full text]
  • Emulation and Computing History the Computer History Simulation Project and SIMH
    Emulation and computing history The Computer History Simulation Project and SIMH Skill Level: Intermediate M. Tim Jones ([email protected]) Senior Architect 22 Mar 2011 The simplest computing devices we use today have more processing capability than the most capable computing systems of yesterday. For example, the VAX 11/780 delivered around 0.5 MIPS in the early 1980s. Compare that to an IBM zEnterprise™ 196 (z196) mainframe of today, which can support well over 52 KMIPS. However, we can learn a lot from early computing history. If you've ever wanted to boot an IBM 1130, PDP-11, or MITS Altair, then the Computer History Simulation Project is just what you've been looking for. In late 1978, as a birthday gift, I received my first computer. It was a TRS-80 model 1 with 4KB of memory and cassette tape mass storage, which I later upgraded to an Exatron stringy floppy. Within a few weeks, my BASIC programming skills had evolved to the point that I had exceeded the available memory for my yet-to-be-completed program: a sad day. Little did I know 30 years later, as an embedded firmware engineer, I would still spend much of my time trying to squeeze more code and data into a smaller address space. Computer history is fascinating, as are some of the early computers that were developed. Many of the early machines were rudimentary calculators, such as Konrad Zuse's Z1, which he invented in 1931, and going back even farther, Herman Hollerith's mechanical sorting machine that was used in the 1890 census; six years later his is one of the companies that merged and became IBM.
    [Show full text]
  • Nsure Securelogin 3.51.2 Configuration Guide for Terminal Emulation April 08, 2005
    Novell Confidential Manual (99a) 21 December 2004 Novell NsureTM SecureLogin 3.51.2 www.novell.com CONFIGURATION GUIDE FOR TERMINAL April 08, 2005 EMULATION Novell Confidential Manual (99a) 21 December 2004 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. You may not use, export, or re-export this product in violation of any applicable laws or regulations including, without limitation, U.S. export regulations or the laws of the country in which you reside. Copyright © 2005 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher. Novell, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S.
    [Show full text]
  • Emulator Troubleshooting Guide
    Emulator Troubleshooting User Guide BH-Troubleshooting-UG-03 February 2009 IMPORTANT INFORMATION © 2009 EWA Technologies, Inc. All rights reserved. Reproduction, adaptation, or translation without prior written permission is prohibited, except as allowed under the copyright laws. EWA Technologies Document: BH-Troubleshooting-UG-03 Warranty - this manual The information contained in this document is subject to change without notice. EWA makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. EWA shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material. About This Manual This document represents the troubleshooting guide for Blackhawk™ products. Please visit the Blackhawk website from time to time as this document will be periodically updated. This guide contains some TIP paragraphs to help in diagnosis of a problem that may be preventing proper operation of a Blackhawk product. These paragraphs are shaded as in the following example. Please read each of these areas of text carefully. This is an example of a paragraph with important TIP information. Related Documents • Texas Instruments Code Composer User's Guide (SPRU296 - Updated: 12/30/1998) • Texas Instruments Code Composer Studio User's Guide (SPRU328B - Updated: 03/28/2000) • To get the latest documentation from TI, click: Get the latest DSP manuals from TI. • Additional TI Documentation which are referred with full links within this guide. Trademarks BLACKHAWK is a trademark of EWA Technologies, Inc. All other marks are trademarks of their respective owners.
    [Show full text]
  • Novell Secure Login
    Novell SecureLogin Administration Guide August 31, 2001 Novell Confidential Manual 99a38 July 17, 2001 Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. This product may require export authorization from the U.S. Department of Commerce prior to exporting from the U.S. or Canada. Copyright © 2001 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher. Novell, Inc. 1800 South Novell Place Provo, UT 84606 U.S.A. www.novell.com Novell SecureLogin Administration Guide August 2001 103-000131-001 Online Documentation: To access the online documentation for this and other Novell products, and to get updates, see www.novell.com/documentation. Novell SecureLogin Administration Guide 103-000131-001 August 31, 2001 Novell Confidential Manual 99a38 July 17, 2001 Novell Trademarks ConsoleOne is a trademark of Novell, Inc.
    [Show full text]
  • Emulation – a Viable Preservation Strategy
    Emulation – a viable preservation strategy Authors : Jeffrey van der Hoeven, Hilde van Wijngaarden (KB) : Remco Verdegem, Jacqueline Slats (Nationaal Archief) Organisations : The National Library of the Netherlands/Koninklijke Bibliotheek : Nationaal Archief of the Netherlands Date of creation : 18 January 2005 Date of last update : 20 June 2005 Version : 1.4 2 I. Table of contents 1. Introduction .................................................................................................................................... 3 2. Current situation ............................................................................................................................. 5 2.1. The National Library of the Netherlands ............................................................................... 5 2.2. The Nationaal Archief of the Netherlands ............................................................................. 6 2.3. What is emulation? ................................................................................................................ 7 2.3.1. Emulation levels............................................................................................................ 7 2.3.2. Practices ........................................................................................................................ 8 3. The emulation project................................................................................................................... 10 3.1. Criteria for the project.........................................................................................................
    [Show full text]
  • Novell Securelogin 6.0 SP1 Congifuration Guide for Terminal Emulation Novdocx (ENU) 10 August 2006
    Novell SecureLogin 6.0 SP1 Congifuration Guide for Terminal Emulation novdocx (ENU) 10 August 2006 August 10 (ENU) novdocx Novell SecureLogin 6.0 SP1 www.novell.com CONFIGURATION GUIDE FOR October 13, 2006 TERMINAL EMULATION novdocx (ENU) 10 August 2006 August 10 (ENU) novdocx Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses.
    [Show full text]
  • How to Download Android Apps to the Pc 4 Free Ways to Run Android Apps on Your PC
    how to download android apps to the pc 4 Free Ways to Run Android Apps on Your PC. Want to use Android apps on a PC? There are plenty of good, free ways to emulate Android right on your computer, including the Your Phone app, BlueStacks, Genymotion, and Android-x86. Let's take a look. Ever wish you could run an Android app or game on your PC so you weren't relegated to a tiny phone screen? Or maybe you need to test a feature on Android, but don't have an Android device handy. Here are four free ways to run Android (and its apps) on your computer. Mirror Your Phone With Windows. For apps installed on your phone, you don’t need anything fancy to get Android on your PC. The Windows Your Phone app provides the ability to mirror the phone screen to your PC, with access to most of your apps through a simple desktop window. Just follow our instructions on connecting your phone to Windows, then choose the Phone Screen option in the sidebar to mirror your device. Microsoft is working on expanding this feature even further, with the ability to pin Android apps on your taskbar and launch them individually, as long as your phone and computer are connected. At the time of writing, this feature is only available in Windows 10’s Insider Previews, but it should make its way to the mass-released version of Windows soon. This isn’t always the ideal solution. If you’re looking to play games, this may come with some delay and graphical blurriness, and you won’t be able to easily share files from your PC directly to an app in Android.
    [Show full text]
  • Where to Safely Download Android Roms Best Custom ROMS of 2018 Based on Android 8.1 Oreo
    where to safely download android roms Best Custom ROMS of 2018 based on Android 8.1 Oreo. Android is the most widely used and popular OS in the world. This is because of it being a FOSS (Free and Open Source) operating system for mobile phones. That means anyone can create a custom software for their smartphones or tablets using the Android sources. Thus there are numerous custom ROMs available for the users including LineageOS, Resurrection Remix, Paranoid Android, AOSP ports, and many more. Here we have collected a list of best custom ROMS for 2018. The best custom ROMS have been selected based on the latest Android versions, support from the developers or device maintainers, stability, performance, speed, and much more. So if you are looking forward to flashing a custom ROM in 2018, then here is is the list of best custom ROMS based on Android 8.1 Oreo. Flashing a custom ROM in combination of a custom Kernel can increase the performance, battery life, and speed of the device. You may also need to flash the latest Google Apps (Gapps) for Android 8.1 Oreo. If you are looking forward to rooting your Android phone, then flashing Magisk 16.3+ will solve it. If you are worried about the Uncertified device error by Google, then here is a solution. As these ROMs have been recently updated to Oreo, they may consist of some bugs. So downloading and installing the latest version of the Oreo builds will solve the problem. 1. Lineage OS 15.1 ROM. LineageOS has become the most popular custom ROMs in the Android community.
    [Show full text]
  • Designing Multiscale Hybrid Platform for Testing and Evaluationg Iot Systems Osama Abu Oun
    Designing multiscale hybrid platform for testing and evaluationg IoT systems Osama Abu Oun To cite this version: Osama Abu Oun. Designing multiscale hybrid platform for testing and evaluationg IoT systems. Other [cs.OH]. Université de Franche-Comté, 2015. English. NNT : 2015BESA2015. tel-01508640 HAL Id: tel-01508640 https://tel.archives-ouvertes.fr/tel-01508640 Submitted on 14 Apr 2017 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Thèse de Doctorat école doctorale sciences pour l’ingénieur et microtechniques UNIVERSITÉ DE FRANCHE-COMTÉ Conception D’une Plate-Forme Multi-Échelle Hybride pour Évaluer Les Performances de Systèmes Orientés Internet des Objets n OSAMA ABU OUN Thèse de Doctorat école doctorale sciences pour l’ingénieur et microtechniques UNIVERSITÉ DE FRANCHE-COMTÉ N◦ 2 0 1 5 0 5 9 THÈSE présentée par OSAMA ABU OUN pour obtenir le Grade de Docteur de l’Université de Franche-Comté Spécialité : Informatique Conception D’une Plate-Forme Multi-Échelle Hybride pour Évaluer Les Performances de Systèmes Orientés Internet des Objets Soutenue
    [Show full text]
  • How to Download and Install an Android Mobile App How to Install Android on Your PC Without an Emulator
    how to download and install an android mobile app How to Install Android on Your PC Without an Emulator. Run Android apps on your desktop with Phoenix OS and other options. Tweet Share Email. It's possible to install Android on a PC without using an emulator. Learn how to run Android apps and access a full version of the mobile operating system on Windows. Instructions in this article apply to desktops and laptops running Windows 10, 8, and 7. Why Install Android on PC? If you don't have an Android device, you're missing out on millions of apps in the Google Play Store. Even if you already have a smartphone or tablet that you play Android games on, you might prefer to play them on your PC. There are several ways to run Android apps on your computer. For example, the Android SDK comes with an Android emulator for debugging apps, and BlueStacks is a cloud-based virtual machine that optimizes Android apps for desktops. However, if you want to access the full version of Android without an emulator, then your best bet is Phoenix OS. What Is Phoenix OS? Phoenix OS is an operating system based on Android 7 (Nougat) that is designed to run on desktop and laptop computers. If you install it on your hard drive, you're given the option to boot into Phoenix OS each time you start up your computer. Alternatively, you can save it to a USB flash drive for use on any computer. Before you can install Phoenix OS, you must first download the installer for your operating system.
    [Show full text]