1
|
- John H. Saunders, Ph.D.
- National Defense University
|
2
|
- What is modeling & simulation? Why use it?
- What simulations are now available in the Information Security arena?
- What are the major issues with using and creating models and simulations
in the Information Security arena?
- What simulation tools are available for building new simulations?
- Can/Should a common framework be built for modeling Information
Security?
|
3
|
- Representation of the relevant features of an actual system.
- Which features are "relevant" and how much detail is
incorporated into the model are determined by the purpose for which the
model was developed.
- Model types
- Pictorial, Analytic [Mathematical, Symbolic], Physical
- Static v. Dynamic
- Real-time/Operational Monitoring v. Planning Models
|
4
|
|
5
|
- Leads toward a total solution
- Stimulates joint participation
- Does not disrupt the actual system
- Provides a clearer, common understanding of the system
- Identifies technical and management issues for consideration
- Capitalizes on human strengths – visualization, memory, reasoning
- For existing systems, improves system performance
- Helps to ensures that the proposed system will perform as intended
|
6
|
- Packet Wars
- Sniffers + Network Design Tools
- Canned Attack/Defend Scenarios
- Management Flight Simulators
- Role Playing
|
7
|
|
8
|
|
9
|
- IT Decision Guru
- http://www.opnet.com/products/itdg/home.html
- NetCracker
- http://www.netcracker.com/index.html
- NetRule
- http://www.analyticalengines.com/tour.htm
|
10
|
|
11
|
|
12
|
|
13
|
|
14
|
|
15
|
|
16
|
|
17
|
|
18
|
- Joint Simulation System (JSIMS), JQUAD+
- Joint Warfare System (JWARS)
- Network Warfare Simulation (NETWARS)
|
19
|
|
20
|
|
21
|
- D-Wall, Network Security Simulator, Fred Cohen & Associates
- Cyber Command System, BBN Technologies
- Visual NRM [Network Rating Methodology], Naval Research Lab
|
22
|
- How do we model the characteristics of
- Data, Protocols, Relationships, Time, Hardware, Software
- Objects, Algorithms, Abstraction, Level of Detail, Audience?
- Formal Models
- Howard, Amoroso, Landwehr, Cohen, Hale
- What can we learn from the experiences of other areas, e.g. the High
Level Architecture (HLA) effort, CVE, and Common Criteria?
|
23
|
- Modeling & Simulation for Information Assurance, IATAC, Defense
Technical Information Center. May 2001.
- Fred Cohen & Associates. http://www.all.net
- Schrage, Michael. Serious Play: How the Worlds Best Companies Simulate
to Innovate HBS Press, Boston, MA 1999.
- Swain, James. Simulation Software Survey. OR/MS Today. February 2001.
- Simulation Software Links. http://www.topology.org/soft/sim.html
|