Galaxy: A Network Emulation Framework for Cybersecurity

Authors: 

Kevin Schoonover, Missouri University of Science and Technology; Eric Michalak, Los Alamos National Laboratory; Sean Harris, Adam Gausmann, Hannah Reinbolt, and Daniel R. Tauritz, Missouri University of Science and Technology; Chris Rawlings, Los Alamos National Laboratory; Aaron Scott Pope, Missouri University of Science and Technology

Abstract: 

The arms race of cyber warfare is growing increasingly asymmetric as defensive security practitioners struggle to successfully harden their domains without overly restricting their users, profits, and overall mission. Vulnerabilities span across technologies, business policies, and human behaviors, allowing cyber attackers to select the attack surface that best fits their strengths. This paper introduces the first version of Galaxy, a fine-control, high-fidelity computer network emulation framework designed to support rapid, parallel experimentation with the automated design of software agents in mind. Our framework provides a modular environment to experiment with arbitrary defense and attack strategies under a wide variety of business requirements and accounting for the productivity of users, allowing cybersecurity practitioners to consider the unique constraints of their real-world systems. We demonstrate the effectiveness of Galaxy for the use of an evolutionary algorithm to generate enumeration strategies for attacker agents.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {220241,
author = {Kevin Schoonover and Eric Michalak and Sean Harris and Adam Gausmann and Hannah Reinbolt and Daniel R. Tauritz and Chris Rawlings and Aaron Scott Pope},
title = {Galaxy: A Network Emulation Framework for Cybersecurity},
booktitle = {11th {USENIX} Workshop on Cyber Security Experimentation and Test ({CSET} 18)},
year = {2018},
address = {Baltimore, MD},
url = {https://www.usenix.org/conference/cset18/presentation/schoonover},
publisher = {{USENIX} Association},
}