With the increasing growth of cyber-attack incidences, it is important to develop innovative and effective techniques assess defend networked systems against cyber attacks. One well-known for this performing penetration testing which carried by a group security professionals (i.e, red team). Penetration also known be find existing new vulnerabilities, however, quality assessment can depending on team members their time devotion testing. In paper, we propose novel automation framework...

As the scale of system and network grows, IT infrastructure becomes more complex hard to be managed. Many organizations have a serious problem manage their security. In addition, vulnerabilities hardware software are increasing in number rapidly. such environment, security administrators need practical automated threat assessment methods reduce manual tasks. Adversary emulation based is one solutions solve aforementioned problems because it helps discover attack paths exploited. However,...

Subjective Bayesian networks (SBN) combine Networks (BN) with Logic in order to express the second-order uncertainty (i.e., about a probability distribution of an event – as opposed itself). While SBNs provide strong formalism for treating higher level, literature lacks support extensive software implementations focused on compatibility current solutions or standards. Our work explores structural congruence between BN and SBN (in terms data structure) semantic bijection opinions Dirichlet...

Mission Impact Assessment (MIA) is a critical endeavor for evaluating the performance of mission systems, encompassing intricate elements such as assets, services, tasks, vulnerability, attacks, and defenses. This study introduces an innovative MIA framework that transcends existing methodologies by intricately modeling interdependencies among these components. Additionally, we integrate hypergame theory to address strategic dynamics attack-defense interactions. To illustrate its...

Cyberwarfare can occur at any moment, anywhere on the planet, and it happens more often than we realize. The new form of warfare is wreaking havoc not only military but also every aspect our daily lives. Since cybersecurity has recently established itself as a critical element military, community relies heavily private sector to ensure cyber mission assurance. Given military's secrecy, such reliance may increase danger degradation or failure. To address this issue, attempted build dedicated...

With the advancement in cyber-defense capabilities, cyber attacks have continued to evolve like living creatures breach security. Assuming possibility of various enemy attacks, it is necessary select an appropriate course action by proactively analyzing and predicting consequences a particular security event. Cyber especially large-scale military network environments, fatal effect on security; therefore, experiments analyses must be conducted establish preparations. Herein, we propose...

Cybersecurity simulation is a useful, practical approach to provide insights counter cyber threats for organizations with large-scale, complex environment. From the micro behavior of malware on host macroscopic impact DDoS attack, various phenomena can be observed and analyzed scenarios. Many platforms cybersecurity have been developed support scenarios models different fidelity levels: live, virtual, constructive. varying Hence, interoperability between fidelities remained untrodden in...

It is difficult to assess the business impact of a cyberattack and implement appropriate strategies or policies enhance cyber resilience counter future attacks. Penetration testing, which currently gaining popularity, has been employed defense levels in actual operating environments. However, it expensive time-consuming only reveals current state problem without providing insights into potentially better alternative strategies. To overcome these limitations, cybersecurity modeling simulation...

급증하는 사이버 위협에 능동적으로 대응하기 위해, 사이버전사의 훈련, 기술검증 지원, 전투실험 임무는 매우 중요하다. 하지만, 실 운용 망에서 이를 수행하는 것은 많은 제약이 따르므로, 평상시 끊임없이 수행하기 위한 환경 및 시스템 구축이 필요하다. 본 논문에서는 훈련 지원을 위해 실(live)/가상(virtual) M&S 기반의 기능을 제안하고, 전투실험을 구성(constructive) 제안한다. 실제와 유사한 환경에서 다양한 시나리오를 기반으로 훈련을 수행함으로써 사이버전에 대한 역량을 강화하고, 대규모 전장 환경의 피해 영향을 사전에 분석함으로서 대응책 마련에 유용하게 활용가능하다. It is important to establish the environment for cyber warrior training, testing support and effectiveness analysis in order cope with sharply increasing threat....

Cyber threats increasingly target mission-critical systems in the military and private sectors. CMIA has emerged to mitigate such cyber assure resilience of critical missions. Existing approaches merely provide partial, manual analysis methods support lack ability optimal defense measures. In this paper, we propose a novel framework enabling streamlined, automated procedure, based on Bayesian Stackelburg game. Unlike conventional approaches, our provides most probable threat defense, i.e.,...

In the shortest path routing algorithm for communication networks, end-to-end of each session is found such that sum weights links on minimized. Hence, to find a `good' session, it important assign appropriate weight link in network. this paper, we study problem considering utilization link. Since known be NP-hard[1], use heuristic approach. Our based simulated annealing algorithm. However, with taking into account properties our problem, modify basic algorithm, which results faster and more...

In this paper, we study the problem that finds optimal link weights for routing in communication networks with a target utilization each link. Since is known as NP-hard, take heuristic approach based on simulated annealing method. However, to make algorithm be more robust and converge fast, modify basic Numerical results show our provides better performance than

2009년 이후 정부 및 민간부문에서는 DDoS 방어체계 구축을 위해 수백억 원의 예산을 투입해 왔으며, 그 결과 많은 민간분야에 대응을 위한 전용장비가 설치되었다. 그러나 이러한 기관 역시 공격 발생 시 성공적인 방어가 이루어지지 않는 경우가 많은데, 이는 대응 장비가 특정 행위에만 대응할 수 있는 시그니처 중심의 방어 구조를 따르고 있기 때문이다. 이에 비해 방어자원 관점의 정책적 대응방법을 통할 경우, 기법과 상관없이 서비스 자원의 가용성 확인을 통하여 시스템 이상여부 유형의 종류를 확인할 있으며, 공격에 대한 정책 또한 손쉽게 도출할 있다. 본 고에서는 기존의 행위 방어체계에서 벗어나 방어자 탐지 기법을 소개하고, 이를 통해 정책기반 서비스거부공격 대응방안을 제시한다.

Recently, with the development and diffusion of internet, it has also increased damage from malicious attacks. Worm attack refers to one that replicates spreads itself network. Especially, is expected by worm in tactical network which aims at victory engagement more effective than typical It can happen divorce between combat unit its immediate superior. If main system infected, would take critically on whole Therefore, required research analysis attack. However, previous premise cannot...

<p>An accurate assessment of a mission system's performance, called Mission Impact Assessment (MIA), can effectively identify and counteract any issues in the current system to avoid potential risks or vulnerabilities that may cause failure. Although importance MIA research has been recognized mitigate risk for more than decade, little shown comprehensive framework with experimental validation showing inference performance tools under realistic attack-defense interactions. To fill this...

<p>An accurate assessment of a mission system's performance, called Mission Impact Assessment (MIA), can effectively identify and counteract any issues in the current system to avoid potential risks or vulnerabilities that may cause failure. Although importance MIA research has been recognized mitigate risk for more than decade, little shown comprehensive framework with experimental validation showing inference performance tools under realistic attack-defense interactions. To fill this...

In this paper, we study a cross-layer optimization problem for network that consists of one wireline core and multiple wireless access networks. We consider four layers among five in the layering architecture: application characteristics through utility function quality service requirements layer; end-to-end flow control transport opportunistic scheduling data link adaptive modulation coding physical layer. formulate stochastic considering above both parts jointly results utility-based joint...

This paper introduces component based open middleware architecture implemented by ADD(Agency for Defense Development) to accommodate new technology evolution of unmanned autonomous system. The proposed system can be considered as a standard interface which defines the messages and operations between software components on application layer level, its purpose is ensure portability future onto multi-platforms well inter-operability domains. In this architecture, domain defined space where...

사이버전 훈련 시스템에 현실감 있는 트래픽을 제공하기 위해서는 사전에 트래픽 유통계획 작성과 정상/위협 데이터 셋을 이용한 훈련데이터셋 생성이 필요하다. 본 논문은 실제 환경과 같은 배경 제공 하기 위한 저작과 훈련데이터셋을 생성하는 방법의 설계와 구현 결과를 제시한다. 유통계획은 유통할 환경의 네트워크 토폴로지와 및 모의환경에서 수집한 속성 정보를 이용하여 저작하 는 방법을 제안한다. 유통계획에 따라 방법은 단위트래픽을 이용하는 방법과 프로토콜 의 비율을 혼합트래픽 양상 구현한 도구를 유통계획을 저작하고, 에 따른 생성결과를 확인하였다.