Abstract
Computer networks are now relied on more than ever before for gathering information and performing essential business functions. In addition, cyber crime is frequently used as a means of exploiting these networks to obtain useful and private information. Although intrusion detection tools are available to assist in detecting malicious activity within a network, these tools often lack the ability to clearly identify cyber attacks. This limitation makes the development of effective tools an imperative task to assist in both detecting and taking action against cyber attacks as they occur. In developing such tools, reliable test data must be provided that accurately represents the activities of networks and attackers without the large overhead of setting up physical networks and cyber attacks. The intent of this thesis is to use operation research and simulation techniques to provide both data and data-generation tools representative of real-world computer networks, cyber attacks, and security intrusion detection systems. A simulation model is developed to represent the structure of networks, the unique details of network devices, and the aspects of intrusion detection systems used within networks. The simulation is also capable of generating representative cyber attacks that accurately portray the capabilities of attackers and the intrusion detection alerts associated with the attacks. To ensure that the data provided is reliable, the simulation model is verified by evaluating the structure of the networks, cyber attacks, and sensor alerts, and validated by evaluating the accuracy of the data generated with respect to what occurs in a real network. By providing accurate data with respect to network structure, attack structure, and intrusion detection alerts, the simulation methods used offer considerable support in developing tools that can accurately detect and take action against attacks.
Library of Congress Subject Headings
Computer crimes--Computer simulation; Computer crimes--Prevention; Computer networks--Security measures
Publication Date
10-1-2007
Document Type
Thesis
Department, Program, or Center
Industrial and Systems Engineering (KGCOE)
Advisor
Kuhl, Michael - Chair
Advisor/Committee Member
Sudit, Moises
Recommended Citation
Costantini, Kevin, "Development of a cyber attack simulator for network modeling and cyber security analysis" (2007). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/5699
Campus
RIT – Main Campus
Comments
Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works. Physical copy available through RIT's The Wallace Library at: HV6773 .C67 2007