Notes
Slide Show
Outline
1
The Case for Modeling and Simulation
of Information Security
  • John H. Saunders, Ph.D.
  • National Defense University
2
Agenda
  • What is modeling & simulation? Why use it?
  • What simulations are now available in the Information Security arena?
  • What are the major issues with using and creating models and simulations in the Information Security arena?
  • What simulation tools are available for building new simulations?
  • Can/Should a common framework be built for modeling Information Security?
3
What is a Model? Simulation?
  • Representation of the relevant features of an actual system.
  • Which features are "relevant" and how much detail is incorporated into the model are determined by the purpose for which the model was developed.
  • Model types
    • Pictorial, Analytic [Mathematical, Symbolic], Physical
    • Static v. Dynamic


  • Real-time/Operational Monitoring v. Planning Models
4
Modeling Information Security
5
Why Model
Information Security?

  • Leads toward a total solution
  • Stimulates joint participation
  • Does not disrupt the actual system
  • Provides a clearer, common understanding of the system
  • Identifies technical and management issues for consideration
  • Capitalizes on human strengths – visualization, memory, reasoning
  • For existing systems, improves system performance
  • Helps to ensures that the proposed system will perform as intended
6
Simulations for
 Learning Information Security
  • Packet Wars
  • Sniffers + Network Design Tools
  • Canned Attack/Defend Scenarios
  • Management Flight Simulators
  • Role Playing
7
Packet Wars
8
Simple Network Diagramming Model
9
"IT Decision Guru"
  • IT Decision Guru
    • http://www.opnet.com/products/itdg/home.html
  • NetCracker
    • http://www.netcracker.com/index.html
  • NetRule
    • http://www.analyticalengines.com/tour.htm
10
Canned Attack/Defend
CyberProtect
11
Cyber Protect Simulation Learning
12

Canned Attack/Defend
Information Security War Gaming System
13
Canned Attack/Defend
InfoChess
14
Management Flight Simulators (MFS)
15
Simplified Management Flight Simulator of Web Transaction Processing Model
16
Management Flight Simulators
Areas of Focus
17
Role Playing
18
DoD Information Operations/ Information Warfare Simulations
  • Joint Simulation System (JSIMS), JQUAD+
  • Joint Warfare System (JWARS)
  • Network Warfare Simulation (NETWARS)
19
Simulations reviewed - a comparison
20
Computer Simulation
Methodologies & Tools
21
Other Selected M&S Efforts in IA
  • D-Wall, Network Security Simulator, Fred Cohen & Associates
  • Cyber Command System, BBN Technologies
  • Visual NRM [Network Rating Methodology], Naval Research Lab
22
Formalized Framework(s) for
Modeling of Security?
  • How do we model the characteristics of
    • Data, Protocols, Relationships, Time, Hardware, Software
    • Objects, Algorithms, Abstraction, Level of Detail, Audience?
  • Formal Models
    • Howard, Amoroso, Landwehr, Cohen, Hale
  • What can we learn from the experiences of other areas, e.g. the High Level Architecture (HLA) effort, CVE, and Common Criteria?
23
Selected References
  • Modeling & Simulation for Information Assurance, IATAC, Defense Technical Information Center. May 2001.
  • Fred Cohen & Associates. http://www.all.net
  • Schrage, Michael. Serious Play: How the Worlds Best Companies Simulate to Innovate HBS Press, Boston, MA 1999.
  • Swain, James. Simulation Software Survey. OR/MS Today. February 2001.
  • Simulation Software Links. http://www.topology.org/soft/sim.html