METHOD AND DEVICE FOR SIMULATING NETWORK RESILIANCE AGAINST ATTACKS

US 20150295948A1
Filed: 10/23/2013
Published: 10/15/2015
Est. Priority Date: 10/23/2012
Status: Active Grant

First Claim

Patent Images

1. A method for providing a cyber modeling and simulation framework, comprising:

receiving, at an ingest interface, network and vulnerability data associated with a node of a targeted network;

presenting, on a network visualization device, the network data and the vulnerability data;

creating a network model based on the network and vulnerability data presented on the network visualization device;

simulating a launching of threat attacks on the targeted network;

applying, to the simulated launching of threat attacks, modeled defenses against the threat attacks;

producing results from the simulating the launching of threat attacks and the applying the modeled defenses;

performing data farming on the simulation results using different scenarios to generate a farm of data; and

designing anti-cyber-attack strategies for the targeted network based on the performing the data farming.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of a system and method for a cyber modeling and simulation framework arc generally described herein. In some embodiments, an interface (212) for ingest of network and vulnerability data associated with a node of a targeted network, a network visualization device (232) for presenting the network data and the vulnerability data, and for creating a network model based on the network and vulnerability data, a threat analysis simulator (240) for launching threat attacks on the targeted network and for applying modeled defenses against the threat attacks, the threat analysis simulator producing simulation results (244) and a data farming module for performing data fanning on the simulation results using different scenarios to generate a farm of data for use in designing anti-cyber-attack strategies (280) for the targeted network.

74 Citations

View as Search Results

23 Claims

1. A method for providing a cyber modeling and simulation framework, comprising:
- receiving, at an ingest interface, network and vulnerability data associated with a node of a targeted network;
  
  presenting, on a network visualization device, the network data and the vulnerability data;
  
  creating a network model based on the network and vulnerability data presented on the network visualization device;
  
  simulating a launching of threat attacks on the targeted network;
  
  applying, to the simulated launching of threat attacks, modeled defenses against the threat attacks;
  
  producing results from the simulating the launching of threat attacks and the applying the modeled defenses;
  
  performing data farming on the simulation results using different scenarios to generate a farm of data; and
  
  designing anti-cyber-attack strategies for the targeted network based on the performing the data farming.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the designing the anti-cyber-attack strategies comprises designing anti-cyber-attack strategies based on identifying a metric inflection point in the farm of data.
  - 3. The method of claim 2, wherein the identifying the metric inflection point in the farm of data comprises visualizing the farm of data using the network visualization device and analyzing the visualized farm of data to detect the metric inflection point.
  - 4. The method of claim 1 further comprising scanning the network using a vulnerability scanner to provide the data associated with the node of the targeted network to the interface for ingest.
  - 5. The method of claim 1, wherein the presenting, on the network visualization device, the network data and the vulnerability data further comprises manipulating and visualizing the targeted network being simulated and conducting operations on a component tree and interconnections associated with the targeted network.
  - 6. The method of claim 1, wherein the simulating the launching of threat attacks and the applying the modeled defenses further comprises setting the threat attacks in opposition to the targeted network and selected defenses.
  - 7. The method of claim 1 further comprises storing resultant data from scenario runs created by the simulating the launching of threat attacks and the applying the modeled defenses and accessing the stored resultant data.
  - 8. The method of claim 1, wherein the performing data farming further comprises generating the farm of data based on metrics used to evaluate resiliency techniques and cyber threats.
  - 9. The method of claim 1 further comprises presenting the farm of data for post-processing to narrow an output of the farm of data into a grouping of data of interest based upon resiliency metrics.
  - 10. The method of claim 1, wherein the receiving, at the ingest interface, network and vulnerability data further comprises receiving the network and vulnerability data at a single common interface for disparate authoritative sources of device, application, hardware, vulnerability, and weakness data.

11. A cyber modeling and simulation framework, comprising:
- an interface for ingest of network and vulnerability data associated with a node of a targeted network;
  
  a network visualization device for presenting the network data and the vulnerability data , and for creating a network model based on the network and vulnerability data;
  
  a threat analysis simulator for launching threat attacks on the targeted network and for applying modeled defenses against the threat attacks, the threat analysis simulator producing simulation results; and
  
  a data farming module for performing data farming on the simulation results using different scenarios to generate a farm of data for use in designing anti-cyber-attack strategies for the targeted network.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The cyber modeling and simulation framework of claim 11, wherein the anti-cyber-attack strategies are based on an identification of a metric inflection point in the farm of data.
  - 13. The cyber modeling and simulation framework of claim 12, wherein the identification of the metric inflection point in the farm of data is based on visualization of the farm of data using the network visualization device.
  - 14. The cyber modeling and simulation framework of claim 11 further comprising a vulnerability scanner for providing the data associated with the node of the targeted network to the interface for ingest.
  - 15. The cyber modeling and simulation framework of claim 11, wherein the network visualization device is arranged to manipulate and visualize the targeted network being simulated and to conduct operations on a component tree and interconnections associated with the targeted network.
  - 16. The cyber modeling and simulation framework of claim 11, wherein the threat analysis simulator sets the threat attacks in opposition to the targeted network and selected defenses.
  - 17. The cyber modeling and simulation framework of claim 11 further comprises a data warehouse arranged to store resultant data from scenario runs executed by the threat analysis simulator, the resultant data accessible for analysis.
  - 18. The cyber modeling and simulation framework of claim 11, wherein the farm of data is generated by the data farming module based on metrics used to evaluate resiliency techniques and cyber threats.

19-21. -21. (canceled)

22. A method for providing a cyber modeling and simulation framework, comprising:
- receiving, at an ingest interface, network and vulnerability data associated with a node of a targeted network;
  
  presenting, on a network visualization device, the network data and the vulnerability data;
  
  creating a network model based on the network and vulnerability data presented on the network visualization device;
  
  simulating a launching of threat attacks on the targeted network;
  
  applying, to the simulated launching of threat attacks, modeled defenses against the threat attacks;
  
  producing results from the simulating the launching of threat attacks and the applying the modeled defenses; and
  
  designing anti-cyber-attack strategies for the targeted network based on the results from simulation of threat attack launches and application of modeled defenses.
- View Dependent Claims (23)
- - 23. The method of claim 22 further comprising performing data farming on the simulation results using different scenarios to generate a farm of data, wherein the designing anti-cyber-attack strategies for the targeted network based on the results from simulation of threat attack launches and application of modeled defenses further comprises designing anti-cyber-attack strategies for the targeted network based on the data farming.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Raytheon Company (Rtx Corporation)
Original Assignee
Paul F. Beraud III
Inventors
Hassell, Suzanne P., Beraud, Paul F. III, Cruz, Alen, Ganga, Gangadhar, Toennies, Justin W., Mastropietro, Brian J., Hester, Travis C., Hyde, David A., Martin, Stephen R., Pietryka, Frank, Srivastava, Niraj K.

Granted Patent

US 9,954,884 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/1433 Vulnerability analysis

H04L 63/1441 Countermeasures against mal...

METHOD AND DEVICE FOR SIMULATING NETWORK RESILIANCE AGAINST ATTACKS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

74 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND DEVICE FOR SIMULATING NETWORK RESILIANCE AGAINST ATTACKS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

74 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links