The EXata+Cyber package is a bundle of the EXata simulation/emulation platform plus the Cyber Behavior Model Library (Cyber Library). All of the capabilities of EXata are available, providing the same advantages and benefits. The addition of the Cyber Library allows you to evaluate communications models for their resiliency or vulnerability to cyber attack using our computer networking simulation software.
Security elements can be added to EXata network models, and, representing a cyber attack, scenarios can be run that utilize attack elements which cause the network information flows to degrade. This computer networking simulation software enables the user to gain unique visibility into how a network and the applications that use it will respond during a cyber attack.
The Cyber Library implements a broad range of attack characteristics which can be focused in a variety of ways against a software virtual network. The user can dynamically launch cyber warfare features on a model, including eavesdropping, radio jamming attacks, distributed denial of service (DDoS) attacks, and a variety of attacks detectable with 3rd party network intrusion detection software (NIDS) like snort. Attacks can be targeted on specialized networks like wireless, wired, mobile ad-hoc (MANET) and tactical networks. Computer networking simulation allows the users to analyze their impact on the network itself, the applications and the end-users.
EXata+Cyber implements the following cyber behavior models:
- IPSec: At the Network Layer, EXata+Cyber provides support for IP Security (IPSec), which provides a cryptographically based security for IPv4 and IPv6
- WEP/CCMP: At the link layer, EXata+Cyber provides support for Wired Equivalent Privacy (WEP) and its secured successor, Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). WEP is a MAC Layer security protocol intended to provide security for the wireless LAN equivalent to the security provided in a wired LAN. CCMP is an IEEE 802.11i encryption protocol designed to replace WEP.
- Public Key Infrastructure (PKI): A PKI is an infrastructure that uses digital certificates as an authentication mechanism and is built to better manage certificates and their associated keys. A digital certificate is itself a way to reliably identify the user or computer claiming to be the owner of a specific public key.
- Secure Neighbor Model: The Secure Neighbor model simulates the authentication by a node of each of its one-hop neighbors’ identity and location, in a mobile environment.
- Virus Attack Model: In EXata+Cyber, a virus attack is modeled as the attacker node sending packets with payloads that contain signatures of some well-known attacks. Note that these packets do not contain any actual virus payload, only their signatures. It is expected that any Intrusion Detection Systems (IDS) or Anti-Virus Software can detect the signature of these packets and classify them as malicious.
- Wireless Eavesdropping Model: Eavesdropping is a passive attack where an intruder node attempts to capture private information from a network. In wireless eavesdropping, the intruder node configures its radio to be on the same channel as the victim network and promiscuously listens for broadcast transmissions that are destined for member nodes of the network.
- Wireless Jamming Model: Jamming is transmission of radio signals at sufficiently high energy to cause disruption of communication for nearby radios. The signals transmitted by jammers interfere with other legitimate signals in the vicinity of the jammer, causing the signal to noise ratio of the latter signals to drop significantly and resulting in corruption of those signals.
- CPU and Memory Resource Model: The CPU and Memory Resource Model monitors the allocation, consumption, and depletion of resources for a node. This model is used in conjunction with the DOS attack model. The DOS attack model attempts to consume the resources at the victim node, causing the victim node to fail when the resources are completely depleted.