Galaxy: A Network Emulation Framework for Cybersecurity

The arms race of cyber warfare is growing increasingly asymmetric as defensive security practitioners struggle to successfully harden their domains without overly restricting their users, profits, and overall mission. Vulnerabilities span across technologies, business policies, and human behaviors, allowing cyber attackers to select the attack surface that best fits their strengths. This paper introduces the first version of Galaxy, a fine-control, high-fidelity computer network emulation framework designed to support rapid, parallel experimentation with the automated design of software agents in mind. Our framework provides a modular environment to experiment with arbitrary defense and attack strategies under a wide variety of business requirements and accounting for the productivity of users, allowing cybersecurity practitioners to consider the unique constraints of their real-world systems. We demonstrate the effectiveness of Galaxy for the use of an evolutionary algorithm to generate enumeration strategies for attacker agents.