Abstract
Over the past decade the cost and frequency of cybercrime has skyrocketed and is still increasing year over year. Major targets of cyber attacks are financial organizations, energy and utility companies, governmental agencies, and technology companies. However, almost all businesses are at risk. The increasing threat and cost of cyber crime is caused by many factors, including: the increasing reliance on cyber networks, constantly evolving exploitation and cyber attack methods, and insufficient development of defensive mechanisms to predict and prevent cyber attackers. Promising research in the proactive defense against cyber attacks exists in the field of cyber situational awareness (Cyber SA), but is limited partially due to the limited availability of cyber attack data from desirable attack scenarios. This work improves upon previous development of a cyber attack simulator capable of modeling complex cyber attacks consisting of computer networks, their defenses, and cyber attacker behavior. The main contribution of this work is the introduction of a new model called the Attack Guidance Template (AGT), responsible for the definition of simulated cyber attack sequences and for guiding the attacker to the goal of the attack sequence. The AGT allows the user to define desired cyber attack sequences with flexibility and ranging levels of specificity. This work also introduces an attack sequence analyzer to aid the user in understanding the likelihood of the model attack sequences being accomplished successfully with different attackers across various networks. To ensure the validity of these developments, both the analyzer and the AGT are verified and compared to the previous cyber attack guidance template.
Library of Congress Subject Headings
Cyberterrorism--Prevention; Cyberterrorism--Computer simulation
Publication Date
8-10-2015
Document Type
Thesis
Student Type
Graduate
Degree Name
Industrial and Systems Engineering (MS)
Department, Program, or Center
Industrial and Systems Engineering (KGCOE)
Advisor
Michael E. Kuhl
Advisor/Committee Member
Shanchieh Jay Yang
Advisor/Committee Member
Katie McConky
Recommended Citation
Kreider, Derek Miles, "A Guidance Template for Attack Sequence Specification in Cyber Attack Simulation" (2015). Thesis. Rochester Institute of Technology. Accessed from
https://repository.rit.edu/theses/8786
Campus
RIT – Main Campus
Plan Codes
ISEE-MS
Comments
Physical copy available from RIT's Wallace Library at HV6773 .K74 2015