Automated Discovery for Emulytics
- Sandia National Laboratories (SNL), Albuquerque, NM, and Livermore, CA (United States)
Sandia has an extensive background in cybersecurity research and is currently extending its state-of-the-art modeling via emulation capability. However, a key part of Sandia's modeling methodology is the discovery and specification of the information-system under study, and the ability to recreate that specification with the highest fidelity possible in order to extrapolate meaningful results. This work details a method to conduct information system discovery and develop tools to enable the creation of high-fidelity emulation models that can be used to enable assessment of our infrastructure information system security posture and potential system impacts that could result from cyber threats. The outcome are a set of tools and techniques to go from network discovery of operational systems to emulating complex systems. As a concrete usecase, we have applied these tools and techniques at Supercomputing 2016 to model SCinet, the world's largest research network. This model includes five routers and nearly 10,000 endpoints which we have launched in our emulation platform.
- Research Organization:
- Sandia National Laboratories (SNL-CA), Livermore, CA (United States); Sandia National Laboratories, Albuquerque, NM
- Sponsoring Organization:
- USDOE National Nuclear Security Administration (NNSA)
- DOE Contract Number:
- AC04-94AL85000; NA0003525
- OSTI ID:
- 1607845
- Report Number(s):
- SAND--2020-3605R; 685038
- Country of Publication:
- United States
- Language:
- English
Similar Records
Cyber security analysis testbed : combining real, emulation, and simulation.
Simulated, Emulated, and Physical Investigative Analysis (SEPIA) of networked systems.