This chapter presents SEA++, a simulation framework that extends OMNeT++ and the INET Framework for evaluating the impact of security attacks on networks and applications in a flexible and user-friendly way. To this end, SEA++ relies on two fundamental building blocks. First, the user describes the attacks to be evaluated by using a high-level Attack Specification Language (ASL). In particular, only the final effects of such attacks are described, rather than their actual performance. Second, the Attack Simulation Engine (ASE) takes these high-level descriptions as input and accordingly injects attack events at runtime, by means of additional software modules that seamlessly and transparently operate with the other INET modules. This allows the user to quantitatively assess the impact of cyber/physical attacks in simulated network scenarios, and hence rank them according to their severity as a support to risk assessment and selection of countermeasures. As a further advantage, the user is not required to alter any software module or application, or to implement any adversary model for the actual execution of security attacks. Finally, this chapter also includes a step-by-step explicative example showing how to set up and use SEA++ for describing attacks and assessing their impact.

SEA++: A Framework for Evaluating the Impact of Security Attacks in OMNeT++/INET

Gianluca Dini
Secondo
;
Francesco Racciatti
Penultimo
;
2019-01-01

Abstract

This chapter presents SEA++, a simulation framework that extends OMNeT++ and the INET Framework for evaluating the impact of security attacks on networks and applications in a flexible and user-friendly way. To this end, SEA++ relies on two fundamental building blocks. First, the user describes the attacks to be evaluated by using a high-level Attack Specification Language (ASL). In particular, only the final effects of such attacks are described, rather than their actual performance. Second, the Attack Simulation Engine (ASE) takes these high-level descriptions as input and accordingly injects attack events at runtime, by means of additional software modules that seamlessly and transparently operate with the other INET modules. This allows the user to quantitatively assess the impact of cyber/physical attacks in simulated network scenarios, and hence rank them according to their severity as a support to risk assessment and selection of countermeasures. As a further advantage, the user is not required to alter any software module or application, or to implement any adversary model for the actual execution of security attacks. Finally, this chapter also includes a step-by-step explicative example showing how to set up and use SEA++ for describing attacks and assessing their impact.
2019
Tiloca, Marco; Dini, Gianluca; Racciatti, Francesco; Stagkopoulou, Alexandra
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11568/1067482
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? ND
social impact