skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Modeling the Dynamics of Compromised Networks

Abstract

Accurate predictive models of compromised networks would contribute greatly to improving the effectiveness and efficiency of the detection and control of network attacks. Compartmental epidemiological models have been applied to modeling attack vectors such as viruses and worms. We extend the application of these models to capture a wider class of dynamics applicable to cyber security. By making basic assumptions regarding network topology we use multi-group epidemiological models and reaction rate kinetics to model the stochastic evolution of a compromised network. The Gillespie Algorithm is used to run simulations under a worst case scenario in which the intruder follows the basic connection rates of network traffic as a method of obfuscation.

Authors:
;
Publication Date:
Research Org.:
Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1026467
Report Number(s):
LLNL-TR-498747
TRN: US201122%%463
DOE Contract Number:  
W-7405-ENG-48
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICAL METHODS AND COMPUTING; ALGORITHMS; DETECTION; EFFICIENCY; KINETICS; REACTION KINETICS; SECURITY; SIMULATION; TOPOLOGY; VECTORS; COMPUTERS; PROGRAMMING

Citation Formats

Soper, B, and Merl, D M. Modeling the Dynamics of Compromised Networks. United States: N. p., 2011. Web. doi:10.2172/1026467.
Soper, B, & Merl, D M. Modeling the Dynamics of Compromised Networks. United States. doi:10.2172/1026467.
Soper, B, and Merl, D M. Mon . "Modeling the Dynamics of Compromised Networks". United States. doi:10.2172/1026467. https://www.osti.gov/servlets/purl/1026467.
@article{osti_1026467,
title = {Modeling the Dynamics of Compromised Networks},
author = {Soper, B and Merl, D M},
abstractNote = {Accurate predictive models of compromised networks would contribute greatly to improving the effectiveness and efficiency of the detection and control of network attacks. Compartmental epidemiological models have been applied to modeling attack vectors such as viruses and worms. We extend the application of these models to capture a wider class of dynamics applicable to cyber security. By making basic assumptions regarding network topology we use multi-group epidemiological models and reaction rate kinetics to model the stochastic evolution of a compromised network. The Gillespie Algorithm is used to run simulations under a worst case scenario in which the intruder follows the basic connection rates of network traffic as a method of obfuscation.},
doi = {10.2172/1026467},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2011},
month = {9}
}

Technical Report:

Save / Share: