A Distributed Attack Simulation for Quantitative Security Evaluation using SimEvents

作者:Khazan Golriz*; Azgomi Mohammad Abdollahi
来源:7th ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-09), China,Sichuan,Aba Zang and Qiang Autonomous Prefecture,Aba, 2009-05-10 to 2009-10-13.
DOI:10.1109/AICCSA.2009.5069352

摘要

Any system during its lifecycle could be subject to internal or external accidental or malicious threats. Therefore attention to system security is very important nowadays. Security brings in concerns for availability, in addition to confidentiality and integrity. Many security assessment methodologies like ITSEC, CC and etc were used up to now, but most of them have some limitations for being used in design phase of systems. In this paper, simulation of a network system for quantitative security evaluation (QSE) based on discrete-event simulation (DES) by SimEvents is presented First, the system in normal state is simulated then an attacker is modeled as a client by means of zombies attacks to the system. Subsequently the availability of system begins to decrease. Finally the system cannot respond to the requests. After this simulation, the availability of system as an important security measure in any moment of simulation time is measured At the end, a case study of distributed denial of service (DDoS) simulation is presented and the availability measure of the system is evaluated.

全文