Abstract

Computer networks are now relied on more than ever before for gathering information and performing essential business functions. In addition, cyber crime is frequently used as a means of exploiting these networks to obtain useful and private information. Although intrusion detection tools are available to assist in detecting malicious activity within a network, these tools often lack the ability to clearly identify cyber attacks. This limitation makes the development of effective tools an imperative task to assist in both detecting and taking action against cyber attacks as they occur. In developing such tools, reliable test data must be provided that accurately represents the activities of networks and attackers without the large overhead of setting up physical networks and cyber attacks. The intent of this thesis is to use operations research and simulation techniques to provide both data and data-generation tools representative of real-world computer networks, cyber attacks, and security intrusion detection systems. A simulation model is developed to represent the structure of networks, the unique details of network devices, and the aspects of intrusion detection systems used within networks. The simulation is also capable of generating representative cyber attacks that accurately portray the capabilities of attackers and the intrusion detection alerts associated with the attacks. To ensure that the data provided is reliable, the simulation model is verified by evaluating the structure of the networks, cyber attacks, and sensor alerts, and validated by evaluating the accuracy of the data generated with respect to what occurs in a real network. By providing accurate data with respect to network structure, attack structure, and intrusion detection alerts, the simulation methods used offer considerable support in developing tools that can accurately detect and take action against attacks.

Library of Congress Subject Headings

Computer crimes--Computer simulation; Computer crimes--Prevention; Computer networks--Security measures

Publication Date

10-1-2007

Document Type

Thesis

Department, Program, or Center

Industrial and Systems Engineering (KGCOE)

Advisor

Kuhl, Michael - Chair

Advisor/Committee Member

Sudit, Moises

Comments

Note: imported from RIT’s Digital Media Library running on DSpace to RIT Scholar Works. Physical copy available through RIT's The Wallace Library at: HV6773 .C67 2007

Campus

RIT – Main Campus
