System and method providing custom attack simulation language for testing networks
First Claim
1. A development system for creating programs that simulate attacks against a computer network, the system comprising:
- a language specification specifying primitives facilitating simulation of an attack against a computer network;
a run-time library providing built-in routines facilitating simulation of an attack against a computer network, said built-in routines capable of being invoked through said primitives;
an authoring system for creating a program script specifying program instructions for simulating an attack against a computer network by constructing communication-protocol packets, said program script employing at least some of said primitives for simulating an attack against a computer network; and
a compiler for compiling said program script into a compiled program, said compiled program being deployed together with the run-time library to simulate an attack against a computer network upon execution by a run-time module.
10 Assignments
0 Petitions
Accused Products
Abstract
A development system providing a Custom Attack Simulation Language (CASL) for testing networks is described. In particular, the development system implements methodology for facilitating development of network attack simulations. The system includes an editor or authoring system for creating a source code description or Scripts (i.e., CASL-syntax Script) of the simulation program under development. The Scripts, in turn, are “compiled” by a CASL compiler into a compiled CASL program, that may then be used to simulate attacks against a network. CASL makes it easier for users, particularly network and system administrators, to experiment with and learn about the way their networks operate. Since networks work by exchanging packets of information, CASL focuses on allowing users to read and write packets directly to and from the network using a high level programming language. Unlike general-purpose scripting languages, CASL is designed specifically to make it easy to construct, read, and write raw network packets. In this manner, the system provides an extremely flexible and general way to manipulate networks and allows one to create simulation programs in just a few lines of CASL code, instead of hundreds of lines of code typically required when using conventional programming language environments.
113 Citations
33 Claims
-
1. A development system for creating programs that simulate attacks against a computer network, the system comprising:
-
a language specification specifying primitives facilitating simulation of an attack against a computer network;
a run-time library providing built-in routines facilitating simulation of an attack against a computer network, said built-in routines capable of being invoked through said primitives;
an authoring system for creating a program script specifying program instructions for simulating an attack against a computer network by constructing communication-protocol packets, said program script employing at least some of said primitives for simulating an attack against a computer network; and
a compiler for compiling said program script into a compiled program, said compiled program being deployed together with the run-time library to simulate an attack against a computer network upon execution by a run-time module. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. In a computing system, a method for creating programs that simulate attacks against a computer network, the method comprising:
-
defining a language specification that specifies primitives facilitating simulation of an attack against a computer network;
providing a run-time library having built-in routines facilitating simulation of an attack against a computer network, said built-in routines capable of being invoked through said primitives;
creating a program script specifying program instructions for simulating an attack against a computer network by constructing communication-protocol packets, said program script employing at least some of said primitives for simulating an attack against a computer network; and
compiling said program script into a compiled program, said compiled program being deployed together with the run-time library to simulate an attack against a computer network upon execution by a run-time module. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
-
-
29. The method of claim 21, wherein said language specification supports a list data type, for allowing the creation of an arbitrary collection of data.
-
30. The method of claim 29, wherein said list data type is employed for representing packet and protocol information.
-
31. The method of claim 21, wherein said language specification supports definition of an arbitrary packet type.
-
32. The method of claim 31, wherein said language specification provides a define keyword allowing one to define a packet type to comprise a series of field definitions.
-
33. The method of claim 32, wherein each field definition comprises a name, a size, and a value for the field.
Specification