cloud based testbed for simulation of cyber attacks
play

Cloud-based Testbed for Simulation of Cyber Attacks D. Kouil, T. - PowerPoint PPT Presentation

Aug 28, 2023 •150 likes •351 views

Cloud-based Testbed for Simulation of Cyber Attacks D. Kouil, T. Rebok, T. Jirsk, J. egan, M. Draar, M. Vizvry, J. Vykopal { lastname }@ics.muni.cz IEEE/IFIP Network Operations and Management Symposium, NOMS 2014 5-9 May 2014, Krakow,

  1. Cloud-based Testbed for Simulation of Cyber Attacks D. Kouřil, T. Rebok, T. Jirsík, J. Čegan, M. Drašar, M. Vizváry, J. Vykopal { lastname }@ics.muni.cz IEEE/IFIP Network Operations and Management Symposium, NOMS 2014 5-9 May 2014, Krakow, Poland

  2. Part I Introduction Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 2 / 19

  3. Motivation Current status Ubiquitous cyber attacks Need to be studied and understood What do we need? Real-world arrangements simulation Sufficient isolation and control User friendly environment (easy to instantiate and use) Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 3 / 19

  4. Requirements statement Network-related requirements Host-related requirements Monitoring infrastructure Control requirements Deployment requirements Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 4 / 19

  5. Part II Cybernetic Proving Ground Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 5 / 19

  6. About Features Simulation of a large network, systems, services and applications. Monitoring of network behaviour, detection and mitigation of anomalies and attacks. Cloud environment for repeatable investigation of cyber threats. Cloud Enables computing of resource-intensive tasks. Remote secure access of users around the world. Enables providing CPG to third parties as a service. Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 6 / 19

  7. General architecture Various Scenarios Sandbox 1 Scenario Management Node Sandbox 2 Scenario Management Entry Node Node Multiple Users Sandbox n Scenario Management Node Cloud environmnet Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 7 / 19

  8. Sandbox architecture LAN 1 Scenario Management Scenario Con fi guration Data Processing Database Scenario Management LAN 2 node LAN n Network tra ffi c Management & Measurement channel Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 8 / 19

  9. Networking ISO Layers L2 layer is provided by CPG L3 completely under user control Flexibility IPv4, IPv6 Non-IP protocols Emulation of various network characteristics (delays, bandwidth limits, dropped packets) Components Management Network Simulated Network Lan Management Node Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 9 / 19

  10. L2 Architecture PC 1 PC 2 PC 3 VM 1 VM 2 VM 3 VM 4 Station 3 Station 1 Station 2 Switch 1 Hypervisor Hypervisor Hypervisor Hypervisor Physical Switch Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 10 / 19

  11. L3 Architecture Open vSwitch netem/tc fi rewall WAN Mgmt probe DHCP Network tra ffi c Measured data Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 11 / 19

  12. Monitoring infrastructure Network monitoring Host monitoring Network flow monitoring Nested virtualization Automatic configuration munin Probe SRC and DST IP addr SRC and DST port Protocol number IPFIX TCP fl ags Lifetime Sum of bytes Collector Data analysis Others Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 12 / 19

  13. Benefits for users Easier investigation of cyber threats and attack Automated gathering and processing of data generated during security scenarios. Creating database of malicious code (malware, worms, botnets). Visualization of significant aspects of the scenarios. Traffic analysis and forensics Acquisition, storage and analysis of network traffic statistics. Analysis of malware – at infected host as well as in network. Validation of processes of incident handling and response. Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 13 / 19

  14. Part III Use-cases Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 14 / 19

  15. Security scenario What is it? General description of environment, components, actions, expected outcomes of particular experiment What does it consist of? Scenario description Technical description Variation description Network topology including node types List of events List of actions Characteristic manifestations Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 15 / 19

  16. Simulation of DDoS Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 16 / 19

  17. Work in progress Attacks to critical infrastructure: Domain Name System Testing tools Research and development Forensic analysis of infected files and applications Observation and monitoring of captured artifacts Scenario repeatability Penetration testing Testing of detection tools Training of penetration testers Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 17 / 19

  18. Future work Training of security teams Commented analysis of scenarios Cyber war game in CPG CPG as a service Remote access to CPG to third parties New scenarios “on demand“ Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 18 / 19

  19. Thank You For Your Attention! Cloud-based Testbed for Simulation of Cyber Attacks D. Kouřil T.Rebok T. Jirsík J.Čegan M. Drašar M. Vizváry J. Vykopal Home page http://www.muni.cz/ics/kypo Kouřil et al. Cloud-based Testbed for Simulation of Cyber Attacks 19 / 19

Recommend

I l l i n o i s Te s t b e d An Overview of Resource Availability CEER : Cyber-Physical

I l l i n o i s Te s t b e d An Overview of Resource Availability CEER : Cyber-Physical

I l l i n o i s Te s t b e d An Overview of Resource Availability CEER : Cyber-Physical (testbed operation support) Experimentation CLOUD DATA ASSETS Customer PROVISION TESTBED LOCAL PEOPLE SCIENCE People Prosper Shane Ashwini

922 views • 58 slides
90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO

90% OF CYBER ATTACKS ARE 90% OF CYBER ATTACKS ARE SUCCESSFUL DUE TO HUMAN SUCCESSFUL DUE TO HUMAN ERROR ERROR CYBER AWARE CYBER AWARE NEXT-GEN SECURITY AWARENESS TRAINING Cyber Crime Is Now A Cyber Crime Is Now A Business Opportunity

550 views • 25 slides
JGN-X: SDN and cloud testbed in Japan Shinji Shimojo NICT/Osaka U 2012.11 New Generation

JGN-X: SDN and cloud testbed in Japan Shinji Shimojo NICT/Osaka U 2012.11 New Generation

JGN-X: SDN and cloud testbed in Japan Shinji Shimojo NICT/Osaka U 2012.11 New Generation Networking and its testbed SDN How does it help to improve cloud? Find some scinario on testbed in collaboraiton

593 views • 25 slides
T7 Cloud Simulation On-demand access simulation December 2016 T7 Cloud Simulation December 2016

T7 Cloud Simulation On-demand access simulation December 2016 T7 Cloud Simulation December 2016

T7 Cloud Simulation On-demand access simulation December 2016 T7 Cloud Simulation December 2016 T7 Cloud Simulation In a Nutshell T7 Cloud Simulation allows members and customers to Control the market: Create your own order

314 views • 9 slides
Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced

Understanding Cyber Risks and Security Options The Spectrum of Cyber Attacks Advanced Persistent Threats (APT) Cybercriminals, Exploits and Malware Denial of Service attacks (DDoS) Domain name hijacking Corporate

347 views • 13 slides
Exploring Next-Generation Cloud Platforms Prof. Miriam Leeser Department of Electrical and

Exploring Next-Generation Cloud Platforms Prof. Miriam Leeser Department of Electrical and

Testbed for the Research Community Exploring Next-Generation Cloud Platforms Prof. Miriam Leeser Department of Electrical and Computer Engineering Northeastern University Boston, MA mel@coe.neu.edu Open Cloud Testbed: Developing a Testbed

657 views • 23 slides
ICS Testbed Tetris: Practical Building Blocks Towards a Cyber Security Resource CSET 20 - Long

ICS Testbed Tetris: Practical Building Blocks Towards a Cyber Security Resource CSET 20 - Long

ICS Testbed Tetris: Practical Building Blocks Towards a Cyber Security Resource CSET 20 - Long Preliminary Work Paper 13 th USENIX Workshop on Cyber Security Experimentation and Test August 10, 2020 Benjamin Green Richard Derbyshire William

418 views • 12 slides
System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus

System-Level Protection Against Cache-Based Side Channel Attacks in the Cloud Taesoo Kim, Marcus Peinado, Gloria Mainar-Ruiz MIT CSAIL Microsoft Research Security is a big concern in cloud adoption Why are cache-based side channel

588 views • 38 slides
Microarchitectural Attacks in the Cloud Thomas Eisenbarth 07.11.2017 Workshop on Cryptography

Microarchitectural Attacks in the Cloud Thomas Eisenbarth 07.11.2017 Workshop on Cryptography

Microarchitectural Attacks in the Cloud Thomas Eisenbarth 07.11.2017 Workshop on Cryptography for the Internet of Things and Cloud Ruhr-Universitt Bochum Outline Cloud and Cryptography Co-Location in the Cloud Cache Attacks in the

2.23k views • 37 slides
Hi. Tanya L. Crenshaw UPBOT: A Testbed for Cyber-Physical Systems Tanya Crenshaw, assistant

Hi. Tanya L. Crenshaw UPBOT: A Testbed for Cyber-Physical Systems Tanya Crenshaw, assistant

Hi. Tanya L. Crenshaw UPBOT: A Testbed for Cyber-Physical Systems Tanya Crenshaw, assistant professor Steven Beyer, senior EE undergraduate University of Portland CSET 2010 October 2006 http://varma.ece.cmu.edu/cps/ cyber physical systems

958 views • 59 slides
A SIMULATION-BASED ARCHITECTURE FOR SMART CYBER- PHYSICAL SYSTEMS THOMAS GABOR, LENZ BELZNER,

A SIMULATION-BASED ARCHITECTURE FOR SMART CYBER- PHYSICAL SYSTEMS THOMAS GABOR, LENZ BELZNER,

A SIMULATION-BASED ARCHITECTURE FOR SMART CYBER- PHYSICAL SYSTEMS THOMAS GABOR, LENZ BELZNER, MARIE KIERMEIER, MICHAEL TILL BECK, ALEXANDER NEITZ LMU MUNICH INSTITUTE FOR INFORMATICS SMART CYBER-PHYSICAL SYSTEMS E.g. autonomous factories,

349 views • 19 slides
UTSA Community-Based Secure Information and Resource Sharing in AWS Public Cloud Cyber Incident

UTSA Community-Based Secure Information and Resource Sharing in AWS Public Cloud Cyber Incident

UTSA Community-Based Secure Information and Resource Sharing in AWS Public Cloud Cyber Incident Response A Model for Information and Resource Sharing Amy(Yun) Zhang, Farhan Patwa, Ravi Sandhu Institute for Cyber Security University of Texas

578 views • 19 slides
UTSA Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS Cyber Incident

UTSA Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS Cyber Incident

UTSA Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS Cyber Incident Response Models for Information and Resource Sharing Yun Zhang, Farhan Patwa , Ravi Sandhu Institute for Cyber Security University of Texas at

711 views • 20 slides
Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean

Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean

Conceptualizing Human Resilience in the Face of the Global Epidemiology of Cyber Attacks L Jean Camp, Marthie Grobler, Julian Jang-Jaccard, Christian Probst, Karen Renaud, Paul Watters Cyber is Global It is unrealistic to study cyber at a

719 views • 36 slides
The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix

The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix

The Challenge LGNZ 6 June 2014 100 % Cyber Attacks Data Indicative National Risk Matrix Severe Weather Hazardous Spill Failed Large Pacific rural flood Global Financial Asia 10 % State Crisis Interstate Cyber Attacks Conflict

335 views • 11 slides
A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage

A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage

. . A Simulation-based Evaluation of a Hybrid Storage System combining P2P, F2F, and Cloud storage with a Distributed Reputation System Anders Skoglund andsk668@student.liu.se November 04, 2013 . Cloud storage P2P storage F2F storage

660 views • 36 slides
DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1

DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1

www.nviso.be DEFENDING DIGITAL BUSINESS AGAINST CYBER ATTACKS Presentation SAI 21/02/2019 Our Agenda 1 Demo time 2 Threat actor groups 3 Nation states 4 Hacktivism 5 Organized cyber crime 6 The bad competitor 7 The Internet of

777 views • 42 slides
SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET -

SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET -

SARNET ENHANCING RESILIENCE AGAINST CYBER ATTACKS Frank Fransen | 5 October 2016 SARNET - Enhancing Cyber Resilience Relation to NCSRA II SARNET | October 5th 2016 CYBER THREATS ARE EVOLVING Key trends Cyber Cyber Cyber Magnitude of

153 views • 13 slides
Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent

Catch me if you can A cloud based DdoS defense Mikal Fourrier DDoS attacks Goal: prevent the access to a computer system to it's legitimate users. DDoS: DoS attack on the network using a lot of different source IP Why:

327 views • 16 slides
PII Awareness Briefing Introduction Cyber attacks on private, public and government

PII Awareness Briefing Introduction Cyber attacks on private, public and government

PII Awareness Briefing Introduction Cyber attacks on private, public and government information systems are becoming all too common. From hackers to cyber criminals and nation states, todays attackers are more disciplined,

918 views • 12 slides
Cyber attacks as use of force in international relations: ius ad bellum and ius in bello Prof.

Cyber attacks as use of force in international relations: ius ad bellum and ius in bello Prof.

Cyber attacks as use of force in international relations: ius ad bellum and ius in bello Prof. Marco Pedrazzi Department of International, Legal, Historical and Political Studies Milan University 1 Cyber war and outer space Satellites =

583 views • 27 slides
Open Cirrus: A Global Testbed for Cloud Computing Research David OHallaron Director, Intel

Open Cirrus: A Global Testbed for Cloud Computing Research David OHallaron Director, Intel

Open Cirrus: A Global Testbed for Cloud Computing Research David OHallaron Director, Intel Labs Pittsburgh Carnegie Mellon University Open Cirrus Testbed http://opencirrus.intel-research.net Sponsored by HP , Intel, and Yahoo!

310 views • 28 slides
Blending Cyber Effects into Live, Virtual and Constructive Simulation Daniel J. Lacks, PhD 1 ,

Blending Cyber Effects into Live, Virtual and Constructive Simulation Daniel J. Lacks, PhD 1 ,

IT 2 EC 2020 Blending Cyber Effects into Live, Virtual and Constructive Simulation Cyber Training Blending Cyber Effects into Live, Virtual and Constructive Simulation Daniel J. Lacks, PhD 1 , Stephen Lopez-Couto 2 , Kevin Hofstra 3 1 Chief

322 views • 5 slides
Anatomy of a Data Theft Attack For Sacramento ISACA January 2016 Mike Landeck Cyber Security

Anatomy of a Data Theft Attack For Sacramento ISACA January 2016 Mike Landeck Cyber Security

Anatomy of a Data Theft Attack For Sacramento ISACA January 2016 Mike Landeck Cyber Security Consultant Agenda 1. USB Attacks 2. QR Code Attacks 3. Advanced Phishing Attacks 4. Malvertising 5. Watering Hole Attacks 6. How Simple Browser

1.32k views • 33 slides

More recommend