International Journal of Information and Communication Technology Research (Sep 2012)
Cyber Attack Simulation for Operational Security Evaluation Using Coloured Petri Nets
Abstract
Today, cyber attacks to computer networks have turned into a real challenge for network administrators. A wide range of methods have been used for attack modeling and security quantification. The most important drawback of the existing methods is that they are not based on real security-related information of networks. Our aim has been to overcome this drawback by using high-level modeling techniques and real security relevant information of systems. In this paper, we use coloured Petri nets (CPNs) for attack modeling. One of the objectives of this paper is to show the power and flexibility of CPNs for high-level attack modeling. In our work, the important elements of networks involved in cyber attacks, such as hosts, attackers, intrusion detection and prevention systems, servers and firewalls are modeled as reusable CPN sub-models. In other words, with the help of hierarchy and the abstraction provided by CPNs, we have proposed a framework for modeling and evaluation of the impacts of cyber attacks on networks. Through an illustrative example, we have modeled a sample network and some attack scenarios by using the security-relevant information extracted from open source vulnerability database (OSVDB). Finally, we have evaluated some security measures of a sample network.