Flood attack projection model

US 8,122,504 B1
Filed: 10/15/2009
Issued: 02/21/2012
Est. Priority Date: 10/14/2004
Status: Active Grant

First Claim

Patent Images

1. A method of simulating a flood attack in a communication network comprising:

providing a communication network comprising;

a plurality of nodes including an active host node and a plurality of further active nodes, said plurality of further active nodes including a target node and a plurality of participating nodes that participate in the flood attack simulation;

a network component that transports packets, installed on each of said plurality of further active nodes;

an attack handler on each of the participating nodes of said plurality of further active nodes; and

an attack master program;

each of said attack handlers generating virtual messages of an attack model projected forward in time, wherein said virtual messages include normal system component models also projected forward in time;

sending said virtual messages to said target node and others of said attack handlers, said participating nodes not including said target node;

injecting said attack handlers onto said participating nodes and sending an initiate simulated attack message to said attack handlers disposed on said active host node;

causing said virtual messages of an attack model to propagate through said communication network, whereby the communication network'"'"'s operation is not disrupted because the virtual messages of an attack model are projected forward in time.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A flood attack of an information system is simulated by injecting an algorithmically compressed flood attack model into the information system to assess the effect of the attack upon the system. The flood attack model propagates from node to node throughout the system by way of virtual messages that time-project the flood attack model and do not disrupt system operation while the simulated flood attack is taking place. Programs of executable code installed on nodes of the information system generate and send the virtual messages describing the flood attack.

Citations

8 Claims

1. A method of simulating a flood attack in a communication network comprising:
- providing a communication network comprising;
  
  a plurality of nodes including an active host node and a plurality of further active nodes, said plurality of further active nodes including a target node and a plurality of participating nodes that participate in the flood attack simulation;
  
  a network component that transports packets, installed on each of said plurality of further active nodes;
  
  an attack handler on each of the participating nodes of said plurality of further active nodes; and
  
  an attack master program;
  
  each of said attack handlers generating virtual messages of an attack model projected forward in time, wherein said virtual messages include normal system component models also projected forward in time;
  
  sending said virtual messages to said target node and others of said attack handlers, said participating nodes not including said target node;
  
  injecting said attack handlers onto said participating nodes and sending an initiate simulated attack message to said attack handlers disposed on said active host node;
  
  causing said virtual messages of an attack model to propagate through said communication network, whereby the communication network'"'"'s operation is not disrupted because the virtual messages of an attack model are projected forward in time.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method as in claim 1, wherein sending said virtual messages to said target node and others of said attack handlers includes sending a packet to a driving process node of said communication network.
  - 3. The method as in claim 1, further comprising providing a java properties file that stores said attack model and wherein generating said virtual messages of an attack model comprises inserting a description of said flood attack from said java properties file.
  - 4. The method as in claim 1, further comprising injecting virtual component models of normal operation of said communication network.
  - 5. The method as in claim 1, further comprising providing a simulated network service as an attack target, on a target node of said communication network.
  - 6. The method as in claim 1, wherein said injecting and said causing steps comprise an attack master program injecting an attack handler program on a plurality of nodes of said communication network, each attack handler program receiving instructions from said attack master program and generating virtual messages describing said flood attack.
  - 7. The method as in claim 1, wherein generating said virtual messages of an attack model projected forward in time includes algorithmically compressing a description of said flood attack by representing information about said flood attack in the form of executable code.
  - 8. The method as in claim 7, wherein said virtual messages of an attack model are active packets carrying executable code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Original Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Inventors
Bush, Stephen Francis, Kulkami, Amit Bhavanishankar
Primary Examiner(s)
Lipman, Jacob

Application Number

US12/579,456
Time in Patent Office

859 Days
Field of Search

726/22
US Class Current

726/22
CPC Class Codes

H04L 63/1433 Vulnerability analysis

Flood attack projection model

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Flood attack projection model

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links