Network security modeling system and method
First Claim
1. A method of analyzing a computer network using a security modeling system, wherein the security modeling system includes a simulator, wherein the simulator includes a vulnerabilities database of network vulnerability information, the method comprising:
- providing a network configuration of a computer network;
- simulating the computer network based on the network configuration, wherein simulating the network includes:
  - receiving mission objectives;
  - storing the mission objectives; and
  - simulating the network based on the network configuration and the mission objectives; and
- determining vulnerabilities of the computer network using the network vulnerability information stored in the vulnerabilities database, wherein the vulnerabilities database includes an entry for each of a plurality of known network vulnerabilities, wherein each entry includes a service to which the known network vulnerability applies, defense conditions that might close the vulnerability, and resource and state conditions needed to exercise the vulnerability;
- wherein determining vulnerabilities includes computing security results, wherein the security results include a security score.
Abstract
A network security modeling system which simulates a network and analyzes security vulnerabilities of the network. The system includes a simulator which includes a network vulnerabilities database and a network configuration module having network configuration data. The simulator determines vulnerabilities of the simulated network based on the network configuration data and the vulnerabilities database.
18 Claims
1. Independent claim; see First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. A method of opposing network attackers comprising:
- receiving a network configuration, wherein the network configuration comprises computer hardware and software component information;
- receiving mission objectives including critical resource information used to determine network components that are involved in a specific attack scenario;
- receiving commands from a network attacker;
- simulating the network based on the commands received from the network attacker, wherein simulating the network includes determining results as a function of the network configuration, mission objectives and stored vulnerability data for the described computer hardware and software components, wherein determining results includes computing security results which include a security score; and
- responding to the network attacker, wherein responding to the attacker includes imposing barriers, providing response messages and protecting the network.
Dependent claims: 10, 11, 12, 13.

14. A security modeling system for simulating objective networks, comprising:
- a simulator having a plurality of databases, wherein the plurality of databases include mission objectives tables including information used to determine network components that are involved in a specific attack scenario, vulnerability tables, and network configuration tables, wherein the network configuration tables include network configuration data; and
- a graphical user interface which operates with the simulator to allow input and output to clients;
- wherein the network configuration tables include configuration tables, defense tables, filter tables, node tables, routing tables and password tables.
Dependent claims: 15, 16.

17. A machine-readable medium that provides instructions, which when executed by a machine, cause said machine to perform operations comprising:
- providing a network configuration of a computer network;
- simulating the network based on the network configuration, wherein simulating the network includes:
  - receiving mission objectives;
  - storing the mission objectives; and
  - simulating the network based on the network configuration and mission objectives; and
- determining vulnerabilities of the simulated network using the vulnerability information stored in a vulnerabilities database, wherein determining vulnerabilities includes computing security results, wherein the security results include a security score;
- wherein the vulnerabilities database includes an entry for each of a plurality of known network vulnerabilities, wherein each entry includes the service to which the known network vulnerability applies, defense conditions that might close the vulnerability, and resource and state conditions needed to exercise the vulnerability.
Dependent claims: 18.
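As an added illustration of the data model in claims 1 and 17 (example code written here, not code from the patent or its assignee): a small Python simulator whose vulnerabilities-database entries carry a service, the defense conditions that close the vulnerability and the resource/state conditions needed to exercise it, evaluated against a constructed network configuration and mission objectives to produce a security score. The entry ids, node names, service and defense labels, severities and the scoring rule are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class VulnEntry:  # one vulnerabilities-database entry, shaped as the claim describes
    vuln_id: str                 # constructed label, not a real CVE id
    service: str                 # service the vulnerability applies to
    closing_defenses: frozenset  # defense conditions that close it (any one suffices)
    required_state: frozenset    # resource/state conditions needed to exercise it
    severity: int                # constructed weight, 1..10

@dataclass(frozen=True)
class Node:  # one entry of the network configuration
    name: str
    services: frozenset
    defenses: frozenset

# Constructed sample database, network configuration and mission objectives.
VULN_DB = [
    VulnEntry("V-001", "http", frozenset({"waf"}), frozenset({"network_reachable"}), 6),
    VulnEntry("V-002", "ssh", frozenset({"key_only_auth"}),
              frozenset({"network_reachable", "valid_password"}), 8),
    VulnEntry("V-003", "smb", frozenset({"smb_signing"}), frozenset({"network_reachable"}), 7),
]
NETWORK = [
    Node("web", frozenset({"http", "ssh"}), frozenset({"waf"})),
    Node("db", frozenset({"smb", "ssh"}), frozenset({"key_only_auth"})),
    Node("files", frozenset({"smb"}), frozenset()),
]
MISSION_CRITICAL = frozenset({"db"})  # critical resources from the mission objectives

def find_vulnerabilities(nodes, vuln_db, state):
    """Return (node, vuln_id) pairs exercisable given the current resource/state set."""
    found = []
    for node in nodes:
        for v in vuln_db:
            if v.service not in node.services:
                continue  # service not present on this node
            if v.closing_defenses & node.defenses:
                continue  # a defense condition closes the vulnerability
            if not v.required_state <= state:
                continue  # resource/state conditions not met
            found.append((node.name, v.vuln_id))
    return found

def security_score(nodes, vuln_db, mission_critical, state):
    """Security result on a 0..100 scale; findings on mission-critical nodes count double."""
    severity = {v.vuln_id: v.severity for v in vuln_db}
    penalty = sum(severity[vid] * (2 if name in mission_critical else 1)
                  for name, vid in find_vulnerabilities(nodes, vuln_db, state))
    return max(0, 100 - penalty)
```

Adding "valid_password" to the state set opens the ssh entry on the web node and lowers the score, which is the kind of state-dependent result the simulated-attacker claims (9 onward) describe.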
Specification