Information Trust Institute block of abstract images
Information Trust Institute block of abstract images

S3F Scalable Simulation Framework

Complex systems, Control systems, Formal methods, Modeling & simulation, SCADA, Security assessment, Smart grid, Software, Training

http://www.project-moses.net

The Project Moses team led by David M. Nicol has made contributions to the SSFNet models in two areas: 1) through model packages contributed to the Java implementation, including models of Distributed Denial of Service (DDoS) attacks and large-scale worm attacks; and 2) through porting of the SSFNet framework onto the ISSF C++ kernel, thus gaining more performance in parallel and distributed execution.

The DDoS package, named SSF.App.DDoS, has since its inception been a part of the standard SSFNet distribution. It provides facilities to set up a SYN-flood-based DDoS attack scenario in an SSFNet simulation. The package also includes some preliminary models of trace-back schemes based on Netflow data analysis for tracing spoofed attack sources back to their origins.

The worm attack package, named SSF.App.Worm, uses multi-resolution modeling techniques to model large-scale Internet worm attacks in terms of both large-scale dynamics and local detailed infrastructure effects. It has been used to study worm impact on the inter-domain routing infrastructure and to study the effectiveness of proposed worm defenses. In cooperation with collaborators at the Institute for Security Technology studies, it has also been used to generate realistic test traffic for a working worm detection system prototype.

Wide Area Topology that is a Simplified Version of the Network of a Large IP Network Provider
Wide Area Topology that is a Simplified Version of the Network of a Large IP Network Provider