Threat emulation framework
A method for emulating threats in a virtual network computing environment is provided. The method comprises creating a number of virtual machines in the virtual network computing environment. A number of threat actors are emulated, wherein each threat actor comprises a number of threat artifacts that form a sequence of attack steps against the virtual network computing environment. The threat actors are then deployed against the virtual network computing environment. Behavioral data about actions of the threat actors in the virtual network computing environment is collected, as is performance data about the virtual network computing environment in response to the threat actors. The collected behavioral and performance data is then presented to a user via an interface.
- Research Organization: Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Organization: USDOE
- DOE Contract Number: NA0003525
- Assignee: National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)
- Patent Number(s): 11,336,690
- Application Number: 16/685,907
- OSTI ID: 1892946
- Country of Publication: United States
- Language: English