SYSTEM AND METHOD FOR SIMULATING COMPUTER NETWORK ATTACKS
First Claim
1. A method of providing computer network attack simulation, comprising the steps of:
- receiving a network configuration and a network setup description;
simulating the network configuration based on the received network configuration;
receiving at least one confirmed vulnerability of at least one computer, machine, or network device in the simulated network;
receiving a method for compromising the confirmed vulnerability of the at least one computer, machine, or network device; and
virtually installing a network agent on the at least one computer, machine, or network device, wherein the network agent allows a penetration tester to execute arbitrary operating system calls on the at least one computer, machine, or network device.
13 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a system and method for providing computer network attack simulation. The method includes the steps of: receiving a network configuration and setup description; simulating the network configuration based on the received network configuration; receiving at least one confirmed vulnerability of at least one computer, machine, or network device in the simulated network; receiving a method for compromising the confirmed vulnerability of the at least one computer, machine, or network device; and virtually installing a network agent on the at least one computer, machine, or network device, wherein the network agent allows a penetration tester to execute arbitrary operating system calls on the at least one computer, machine, or network device.
98 Citations
4 Claims
-
1. A method of providing computer network attack simulation, comprising the steps of:
-
receiving a network configuration and a network setup description; simulating the network configuration based on the received network configuration; receiving at least one confirmed vulnerability of at least one computer, machine, or network device in the simulated network; receiving a method for compromising the confirmed vulnerability of the at least one computer, machine, or network device; and virtually installing a network agent on the at least one computer, machine, or network device, wherein the network agent allows a penetration tester to execute arbitrary operating system calls on the at least one computer, machine, or network device. - View Dependent Claims (2)
-
-
3. A method of providing computer network attack simulation, comprising the steps of:
-
receiving a network configuration and a setup description, wherein the network configuration contains at least one of the group consisting of a computer, a machine, and a network device, to be simulated; simulating the network configuration based on the received network configuration; receiving at least one virtual process or service to be run in one of the simulated computer, machine, or network device; and receiving a method for performing information gathering within the simulated network, the information gathering method comprising an arbitrary sequence of system calls. - View Dependent Claims (4)
-
Specification
-
- Resources
-
Current AssigneeEcrime Management Strategies, Inc.
-
Original AssigneeCore SDI, Inc.
-
InventorsMiranda, Fernando Carlos, Orlicki, Jose Ignacio, Sarraute Yamada, Carlos Emilio, Futoransky, Ariel
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/25
-
CPC Class CodesH04L 41/048 mobile agentsH04L 43/50 Testing arrangementsH04L 63/1433 Vulnerability analysis
