CENTRAL EMULATOR DEVICE AND METHOD FOR DISTRIBUTED EMULATION
First Claim
1. An emulation system configured to hardware-emulate network security operations for a network of computing devices, the emulation system comprising:
- a central controller; and
a plurality of distributed processing elements, the central controller and each of the distributed processing elements comprising processing circuitry and memory;
a portion of each distributed processing element configured to operate as a distributed emulator, each portion dedicated to emulation of the network security operations by one of the computing devices,wherein the central controller is configured to;
monitor a synchronous emulation of a network security algorithm implemented on the distributed processing elements, the synchronous emulation including random generation of security events at the distributed processing elements;
the security events comprising, at least an emulation of an attempted unauthorized access at one of the distributed processing elements, to simulate an attempted unauthorized access at one of the computing devices,in response to a security event, send a pause command to the distributed processing elements to pause the synchronous emulation and to instruct the distributed processing elements to send state variables of the distributed processing elements at a time of the security event;
determine, based at least partly on the state variables at the security event time, a security performance level of the network security algorithm for a group of settings of the network security algorithm at the security event time;
store a global snapshot of the state variables at the security event time to enable the synchronous emulation to be reverted to the security event time from arbitrary times subsequent to the security event time for security performance evaluation of the network security algorithm.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of a central emulator, distributed emulator and method for emulation of a system are generally described herein. The central emulator may receive state variables from distributed emulators at various emulation times. As an example, such an emulation time may be related to an emulation event at one of the distributed emulators. The central emulator may determine global snapshots of the system emulation for the emulation times based on the state variables. The global snapshots may be used to control a timing of the system emulation for operations such as rewinding, pausing, forwarding and/or setting to a target time.
12 Citations
21 Claims
-
1. An emulation system configured to hardware-emulate network security operations for a network of computing devices, the emulation system comprising:
- a central controller; and
a plurality of distributed processing elements, the central controller and each of the distributed processing elements comprising processing circuitry and memory;
a portion of each distributed processing element configured to operate as a distributed emulator, each portion dedicated to emulation of the network security operations by one of the computing devices,wherein the central controller is configured to; monitor a synchronous emulation of a network security algorithm implemented on the distributed processing elements, the synchronous emulation including random generation of security events at the distributed processing elements; the security events comprising, at least an emulation of an attempted unauthorized access at one of the distributed processing elements, to simulate an attempted unauthorized access at one of the computing devices, in response to a security event, send a pause command to the distributed processing elements to pause the synchronous emulation and to instruct the distributed processing elements to send state variables of the distributed processing elements at a time of the security event; determine, based at least partly on the state variables at the security event time, a security performance level of the network security algorithm for a group of settings of the network security algorithm at the security event time; store a global snapshot of the state variables at the security event time to enable the synchronous emulation to be reverted to the security event time from arbitrary times subsequent to the security event time for security performance evaluation of the network security algorithm. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- a central controller; and
-
9. A non-transitory computer-readable storage medium that stores instructions for execution by one or more processors of a central controller to perform operations to control a synchronous emulation of a network by a plurality of distributed processing elements, each distributed processing element to emulate network operations of a computing device of the network, the operations to configure the one or more processors of the central controller to:
-
send a pause command to the distributed processing elements to pause the synchronous emulation at an arbitrary pause time and to instruct the distributed processing elements to send state variables of the distributed processing elements at the pause time; store a global snapshot of the state variables at the pause time to enable the synchronous emulation to be reverted to the pause time from arbitrary times subsequent to the pause time; for each of multiple candidate groups of settings of a network security algorithm; instruct the distributed processing elements to resume the synchronous emulation from the pause time and in accordance with the candidate group of settings of the network security algorithm; receive, from the distributed processing elements, an indication that a security event has been emulated; determine, based at least partly on state variables of the distributed processing elements at a time of the security event, a security performance level of the network security algorithm for the candidate group of settings of the network security algorithm; revert the synchronous emulation to the pause time by sending the global snapshot of the pause time to the distributed processing elements. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A method of controlling a synchronous emulation of a network of computing devices by a plurality of distributed processing elements, each distributed processing element to emulate network operations of one of the computing devices, the method comprising:
-
sending a pause command to the distributed processing elements to pause the synchronous emulation at an arbitrary pause time and instructing the distributed processing elements to send state variables of the distributed processing elements at the pause time; storing a global snapshot of the state variables at the pause time to enable the synchronous emulation to be reverted to the pause time from arbitrary times subsequent to the pause time; for each of multiple candidate groups of settings of a network security algorithm; instructing the distributed processing elements to resume the synchronous emulation from the pause time and in accordance with the candidate group of settings of the network security algorithm; receiving, from the distributed processing elements, an indication that a security event has been emulated; determining, based at least partly on state variables of the distributed processing elements at a time of the security event, a security performance level of the network security algorithm for the candidate group of settings of the network security algorithm; reverting the synchronous emulation to the pause time by sending the global snapshot of the pause time to the distributed processing elements. - View Dependent Claims (15)
-
-
16. A central emulator, comprising:
- memory; and
processing circuitry, configured to;decode, from a group of emulators operating on one or more remote host devices, an indication that an event has been emulated as part of a system emulation of device operation of a group of devices; determine a global snapshot for an emulation time of the event based on one or more state variables of the emulators at the emulation time; and encode, for transmission to the emulators; an indicator that the system emulation is to be reverted from a current emulation time to the emulation time of the event, and the global snapshot for the emulation time of the event. - View Dependent Claims (17, 18, 19, 20, 21)
- memory; and
Specification