short-paper

VINE: A Cyber Emulation Environment for MTD Experimentation

Authors:

Adrian GranadosAuthors Info & Claims

MTD '15: Proceedings of the Second ACM Workshop on Moving Target Defense

Pages 43 - 47

https://doi.org/10.1145/2808475.2808486

Published: 12 October 2015 Publication History

Get Access

Abstract

Dynamic and moving target defenses are generally characterized by their ability to modify their own state, or the state of the protected target. As such, the evolution of these kinds of defenses require specialized experiments that can capture their behavior and effectiveness through time, as well as their broader impacts in the network. While specialized experiments can be constructed to evaluate specific defenses, there is a need for a general approach that will facilitate such tasks. In this work we introduce VINE, a high-fidelity cyber experimentation environment designed for the study and evaluation of dynamic and moving target defenses. VINE provides a common infrastructure supporting the construction, deployment, execution, and monitoring of complex mission-driven network scenarios that are fully instrumented. The tool was designed to be scalable, extensible, and highly configurable to enable the study of cyber defense strategies under dynamic background traffic and attack conditions, making VINE well-suited for the study of adaptive and moving target defenses. In this paper we introduce the VINE approach, the VINE architecture for MTD experimentation, and provide an illustrative example of the framework in action.

References

[1]

M. Carvalho, T. C. Eskridge, L. Bunch, A. Dalton, R. Hoffman, J. M. Bradshaw, P. J. Feltovich, D. Kidwell, and T. Shanklin. Mtc2: A command and control framework for moving target defense and cyber resilience. In Resilient Control Systems (ISRCS), 2013 6th International Symposium on, pages 175--180, 2013.

Crossref

Google Scholar

[2]

M. Carvalho and M. Marcon. Genesis. Technical Report HIAI-TR-15--3--1, Florida Institute of Technology, 2015.

Google Scholar

[3]

M. M. Carvalho, J. M. Bradshaw, L. Bunch, T. C. Eskridge, P. J. Feltovich, R. R. Hoffman, and D. Kidwell. Command and control requirements for moving-target defense. IEEE Intelligent Systems, 27(3):79--85, 2012.

Digital Library

Google Scholar

[4]

J. Mirkovic, T. V. Benzel, T. Faber, R. Braden, J. T. Wroclawski, M. D. Rey, and S. Schwab. The DETER Project: Advancing the science of cyber security experimentation and test. pages 1--7, 2010.

Google Scholar

[5]

Naval Research Lab. Extendable mobile ad-hoc network emulator (EMANE), 2015.

Google Scholar

[6]

P. Ogren. Increasing Modularity of UAV Control Systems using Computer Game Behavior Trees. American Institute of Aeronautics and Astronautics, 2015/06/15 2012.

Google Scholar

[7]

Rapid7. Penetration testing software | metasploit, 2015.

Google Scholar

[8]

E. L. Stoner. A foundation for cyber experimentation. Master's thesis, Computer Science, 2015.

Google Scholar

[9]

The OpenStack Foundation. OpenStack open source cloud computing software, 2015.

Google Scholar

Cited By

View all

Zhu ZChen MZhu CZhu Y(2023)Effective Defense Strategies in Network Security using improved Double Dueling Deep Q-networkComputers & Security10.1016/j.cose.2023.103578(103578)Online publication date: Nov-2023
https://doi.org/10.1016/j.cose.2023.103578
Zheng YLi ZXu XZhao Q(2022)Dynamic defenses in cyber security: Techniques, methods and challengesDigital Communications and Networks10.1016/j.dcan.2021.07.0068:4(422-435)Online publication date: Aug-2022
https://doi.org/10.1016/j.dcan.2021.07.006
Hernández-Ramos JKaropoulos GGeneiatakis DMartin TKambourakis GFovino I(2021)Sharing Pandemic Vaccination Certificates through Blockchain: Case Study and Performance EvaluationWireless Communications and Mobile Computing10.1155/2021/24278962021(1-12)Online publication date: 24-Aug-2021
https://doi.org/10.1155/2021/2427896
Show More Cited By

Index Terms

VINE: A Cyber Emulation Environment for MTD Experimentation
1. Networks
  1. Network services
    1. Network management
    2. Network monitoring

Recommendations

D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks

Defenses against flooding distributed denial-of-service (DDoS) commonly respond to the attack by dropping the excess traffic, thus reducing the overload at the victim. The major challenge is the differentiation of the legitimate from the attack traffic, ...
Using network flow data to analyse distributed reflection denial of service (DRDoS) attacks, as observed on the South African national research and education network (SANReN): a postmortem analysis of the memcached attack on the SANReN
SAICSIT '18: Proceedings of the Annual Conference of the South African Institute of Computer Scientists and Information Technologists

Distributed Denial of Service (DDoS) attacks cause significant disruption on critical networks within South Africa. Timely detection and mitigation is a key concern for the SANReN Cyber Security Incident Response Team (CSIRT). This paper presents an ...
Evolution of network enumeration strategies in emulated computer networks
GECCO '18: Proceedings of the Genetic and Evolutionary Computation Conference Companion

Successful attacks on computer networks today do not often owe their victory to directly overcoming strong security measures set up by the defender. Rather, most attacks succeed because the number of possible vulnerabilities are too large for humans to ...

Comments

Information & Contributors

Information

Published In

MTD '15: Proceedings of the Second ACM Workshop on Moving Target Defense

October 2015

114 pages

ISBN:9781450338233

DOI:10.1145/2808475

Program Chairs:
George Cybenko
Dartmouth College, USA
,
Dijiang Huang
Arizona State University, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

CCS'15

Sponsor:

SIGSAC

CCS'15: The 22nd ACM Conference on Computer and Communications Security

October 12, 2015

Colorado, Denver, USA

Acceptance Rates

MTD '15 Paper Acceptance Rate 8 of 19 submissions, 42%;

Overall Acceptance Rate 40 of 92 submissions, 43%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
425
Total Downloads

Downloads (Last 12 months)22
Downloads (Last 6 weeks)2

Reflects downloads up to 28 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Zhu ZChen MZhu CZhu Y(2023)Effective Defense Strategies in Network Security using improved Double Dueling Deep Q-networkComputers & Security10.1016/j.cose.2023.103578(103578)Online publication date: Nov-2023
https://doi.org/10.1016/j.cose.2023.103578
Zheng YLi ZXu XZhao Q(2022)Dynamic defenses in cyber security: Techniques, methods and challengesDigital Communications and Networks10.1016/j.dcan.2021.07.0068:4(422-435)Online publication date: Aug-2022
https://doi.org/10.1016/j.dcan.2021.07.006
Hernández-Ramos JKaropoulos GGeneiatakis DMartin TKambourakis GFovino I(2021)Sharing Pandemic Vaccination Certificates through Blockchain: Case Study and Performance EvaluationWireless Communications and Mobile Computing10.1155/2021/24278962021(1-12)Online publication date: 24-Aug-2021
https://doi.org/10.1155/2021/2427896
Tong QGuo Y(2021)A comprehensive evaluation of diversity systems based on mimic defenseScience China Information Sciences10.1007/s11432-020-3008-164:12Online publication date: 9-Nov-2021
https://doi.org/10.1007/s11432-020-3008-1
Geneiatakis DSoupionis YSteri GKounelis INeisse RNai-Fovino I(2020)Blockchain Performance Analysis for Supporting Cross-Border E-Government ServicesIEEE Transactions on Engineering Management10.1109/TEM.2020.297932567:4(1310-1322)Online publication date: Nov-2020
https://doi.org/10.1109/TEM.2020.2979325
Tanasache FSorella MBonomi SRapone RMeacci DHansdah RKrishnaswamy DVaidya N(2019)Building an emulation environment for cyber security analyses of complex networked systemsProceedings of the 20th International Conference on Distributed Computing and Networking10.1145/3288599.3288618(203-212)Online publication date: 4-Jan-2019
https://dl.acm.org/doi/10.1145/3288599.3288618
Nembhard FCarvalho MEskridge T(2018)Extracting Knowledge from Open Source Projects to Improve Program SecuritySoutheastCon 201810.1109/SECON.2018.8478906(1-7)Online publication date: Apr-2018
https://doi.org/10.1109/SECON.2018.8478906
Evans NHorsthemke W(2018)Active Defense TechniquesCyber Resilience of Systems and Networks10.1007/978-3-319-77492-3_10(221-246)Online publication date: 30-May-2018
https://doi.org/10.1007/978-3-319-77492-3_10
Pal PSoule NLageman NClark SCarvalho MGranados AAlves A(2017)Adaptive Resource Management Enabling Deception (ARMED)Proceedings of the 12th International Conference on Availability, Reliability and Security10.1145/3098954.3103151(1-8)Online publication date: 29-Aug-2017
https://dl.acm.org/doi/10.1145/3098954.3103151
Mammadov SMehta DStoner ECarvalho M(2017)High fidelity adaptive cyber emulation2017 IEEE Symposium Series on Computational Intelligence (SSCI)10.1109/SSCI.2017.8285392(1-8)Online publication date: Nov-2017
https://doi.org/10.1109/SSCI.2017.8285392
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks

Using network flow data to analyse distributed reflection denial of service (DRDoS) attacks, as observed on the South African national research and education network (SANReN): a postmortem analysis of the memcached attack on the SANReN

Evolution of network enumeration strategies in emulated computer networks

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations