Cyber-Argus: Modeling C2 Impacts of Cyber Attacks

摘要

Cyber security is often only seen as protecting networks. However, during critical operations, there is a desire to detect, assess and respond to cyber threats. Given the unknown vulnerabilities of large, complex Command and Control (C2) systems, organizations will protect the most critical assets essential for mission success. Cyber-ARGUS is a methodology that provides a mapping between the cyber and the operational domains, substantially improving the monitoring of information infrastructure (networks) supporting missions by correlating their status to mission goals. This enables a proactive, context- based response to ensure that cyber attacks will not affect ongoing operations. Cyber-ARGUS relies upon a unique approach of modeling the network and the mission separately. After modeling the mission, the mission s tasks are mapped into services required for the mission, and these services are allocated to network nodes to form a Mission Network Graph. A vulnerability assessment and an enemy behavior analysis are conducted to determine which vulnerabilities the network is exposed to. This information is then used to adjust the node values in the Mission Network Graph, represented as a Bayesian Network, to calculate the impact assessment for each node. Finally, a simulation is run using both an Entity Level simulation and a Network emulator to determine the C2 impact of a cyber attack on the Mission.