Paper title

Automated Discovery for Emulytics

Authors

Crussell, Jonathan; Fritz, David; Urias, Vince

Abstract

Sandia has an extensive background in cybersecurity research and is currently extending its state-of-the-art modeling via emulation capability. However, a key part of Sandia's modeling methodology is the discovery and specification of the information system under study, and the ability to recreate that specification with the highest fidelity possible in order to extrapolate meaningful results. This work details a method to conduct information system discovery and develop tools to enable the creation of high-fidelity emulation models that can be used to enable assessment of our infrastructure information system security posture and potential system impacts that could result from cyber threats. The outcome is a set of tools and techniques to go from network discovery of operational systems to emulating complex systems. As a concrete use case, we have applied these tools and techniques at Supercomputing 2016 to model SCinet, the world's largest research network. This model includes five routers and nearly 10,000 endpoints which we have launched in our emulation platform.
