The next chapter in our Cyber Resilience series continues the important discussion around protecting networks and network systems against cyber attacks. This chapter will explore how network simulation can assist with cyber resilience.
Assessing Cyber Resilience Using Network Simulation
An alternative to testing by using physical networks is to use high-fidelity, at-scale, network simulation, which provides a low-cost, low-risk, and easy-to-use means for assessing the resilience of networks to diverse cyber threats. Simulations can be used to assess cyber resilience without subjecting the physical network to actual cyber attacks, and hence, without the risk of leakage of the attack vectors into live assets. Its relatively low cost allows a larger suite of tests to be supported under diverse operating conditions.
Some of the critical questions that can be answered with network and system simulations include:
- Network degradation: To what extent and how gracefully will the network degrade when attacked, and will the network be able to provide critical services while counter-measures are being deployed? For example, if a DDoS attack is launched from compromised IoT (Internet of Things) devices, can the firewalls protect at least the minimum number of servers required to accept orders at an online retailer (perhaps at a lower volume)?
- Breach detection: How soon can security breaches be detected? Is the network instrumented adequately to detect security breaches in a timely manner, so that counter-measures can be deployed to contain the attack and recover from it in a timely manner? Modern intrusion detection mechanisms rely not only on signatures but also on anomalous traffic patterns to detect breaches, which require sensors to collect network traffic data. Simulation can be used to determine the optimal placement and configuration of these sensors.
- Responsiveness and effectiveness of counter-measures: How long does it take for the counter-measures to become effective? For example, how long will it take to switch from a compromised server to a backup server and to reroute traffic through it? Can the counter-measures be deployed without disrupting the service? For example, will the reconfiguration of firewall rules to block packets sent as part of a DDoS attack also prevent legitimate users from logging in, or will rerouting traffic to bypass a compromised server overwhelm a previously unaffected server and bring it down as well?
- The speed with which breaches can be detected and the time it takes for counter-measures to be effective are especially important when strict deadlines have to be met (for example, in time-critical military missions). Simulations can help evaluate different strategies and proactively prepare plans in a safe environment, to maintain network operations or restore them in a timely manner, such that the mission can be completed even in the event of cyber attacks. For example, if a wired communication link is disrupted, in one case it may be sufficient to route all traffic through a satellite link, but in another case, it may be necessary to also throttle lower priority traffic because of the lower capacity of the satellite link.
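As an added illustration (not part of the original post or of any particular simulation product), the toy time-stepped model below plays out the DDoS scenario from the first bullet with constructed parameters and reports the three quantities the bullets ask about: the worst-case service level, the tick at which service is restored, and how long the firewall rules took to become effective after detection. Names such as Scenario, service_levels and assess are the example's own.

```python
from dataclasses import dataclass

@dataclass
class Scenario:
    """All values are constructed for illustration, not measured from a real network."""
    ticks: int = 40
    servers: int = 4
    capacity_per_server: int = 100  # order requests one server completes per tick
    legit_rate: int = 300           # legitimate order requests arriving per tick
    bot_count: int = 2000           # compromised IoT devices in the botnet
    bot_rate: int = 1               # requests each bot sends per tick
    attack_start: int = 5           # tick at which the flood begins
    detect_delay: int = 4           # ticks until the sensors/IDS raise an alert
    block_ramp: int = 5             # ticks for the new firewall rules to take full effect
    false_positive: float = 0.05    # share of legitimate requests the new rules also drop
    sla: float = 0.9                # service level that counts as "restored"

def service_levels(s: Scenario) -> list[float]:
    """Fraction of legitimate orders served at each tick."""
    capacity = s.servers * s.capacity_per_server
    detected_at = s.attack_start + s.detect_delay
    levels = []
    for t in range(s.ticks):
        attack = s.bot_count * s.bot_rate if t >= s.attack_start else 0
        # Firewall effectiveness ramps linearly from 0 to 1 once the alert fires.
        blocking = 0.0 if t < detected_at else min(1.0, (t - detected_at + 1) / s.block_ramp)
        attack_in = attack * (1.0 - blocking)
        # Collateral damage: active rules also drop some legitimate logins.
        legit_in = s.legit_rate - (round(s.legit_rate * s.false_positive) if blocking > 0 else 0)
        total = legit_in + attack_in
        # Overloaded servers serve arrivals in proportion to their share of traffic.
        legit_served = legit_in if total <= capacity else capacity * legit_in / total
        levels.append(legit_served / s.legit_rate)
    return levels

def assess(s: Scenario) -> dict:
    """Worst degradation, recovery tick, and ticks from detection until the
    counter-measure restored the agreed service level."""
    levels = service_levels(s)
    recovery = next((t for t in range(s.attack_start, s.ticks) if levels[t] >= s.sla), None)
    detected_at = s.attack_start + s.detect_delay
    return {
        "worst_service_level": min(levels),
        "recovery_tick": recovery,
        "countermeasure_ticks": None if recovery is None else recovery - detected_at,
    }

if __name__ == "__main__":
    for name, sc in [("baseline", Scenario()),
                     ("faster detection", Scenario(detect_delay=1)),
                     ("instant rules", Scenario(block_ramp=1))]:
        print(name, assess(sc))
```

Comparing the three scenarios shows the trade-off the bullets describe: faster detection shortens the outage while the 5% false-positive rate caps the restored service level at 95%.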
An organization’s network is highly dynamic; network equipment, software, and configuration need to be upgraded continuously to meet evolving requirements. Similarly, cyber attackers are constantly developing new threats to compromise networks. Hence, to ensure that cyber resilience is not a one-time effort, IT managers need to continuously assess their current network’s vulnerabilities to known and emerging threats and proactively update their strategies to defend against them. This can be done in an ongoing, cost-effective and low-risk manner by using simulation-based assessment and training platforms.
Watch for part 3 in our Cyber Resilience series where we will build on the discussion of how network simulation models can help to protect the network. Follow the blog to read about how these models can build cyber resilience to defend against cyber attacks.