RINSE: The Real-Time Immersive Network Simulation Environment for network security exercises (extended version)

摘要

The Internet is becoming hostile day-by-day and organizations are relying more on the Internet for their operations. Hence, a Livewire cyber war exercise was conducted by the Department of Homeland Security to know the preparedness of the industrial sectors and government agencies for such attacks. The results of the exercise resulted in the development of improved tools to automatically determine the impact of the network from the attacks and to provide network simulation tools. The research work is trying to develop the Real-Time Immersive Network Simulation Environment (RINSE) for network security exercises for such purposes. The goal of RINSE is to manage large scale, real-time human/machine-in-the-loop network simulation with a focus on security for exercises and training. Though there are several simulators of the same nature, the authors state that the focus of RINSE is on multiresolution traffic modeling, multiresolution attack models, and new routing simulation methods. In addition, some specific new contributions would also be added, such as a technique for absorbing outside network latency into the simulation model and for models including CPU and memory effects into network simulations. In Section 2 of the paper, the RINSE architecture is presented. In Section 3, the authors present the real time simulation support. In addition to the RINSE network viewer client, the researchers are in the process of developing a simulation network management protocol (SNMP) to monitor and control the simulated network devices through industry standard network management tools. This is discussed in Section 3 of the paper. In Section 4 of the paper, the multiresolution traffic models are discussed. While Section 5 presents the attack models, Section 6 focuses on the routing of traffic. Based on the previous experiences with RINSE, the researchers state that it became apparent that the network model will need to capture the constraints on computational resources in hosts and routers partly because of target by denial of service attacks and feasible defenses. Therefore, models on computational resources and memory models are needed. The authors have presented the CPU model in Section 7 of the paper. The results and the ongoing refinements of RINSE are presented in Section 8 of the paper.