Cyberattack maps developed by Sandia researchers were presented to the public during a seminar last week at Harvard University. Those measurements make up a complex computer simulation of a massive botnet attack against a large-scale network.
Goldsmith presented the Sandia research as part of the “Cyber Internal Relations” series sponsored by MIT and the Belfer Center for Science and International Affairs at the Harvard Kennedy School. The researchers chose to examine a root attack, a Byzantine attempt to gain control of a target system at its most basic level of operation.
Applications of such simulations aren’t academic at all; such large-scale IT infrastructures would of course include those of state and federal agencies or defense contractors. Goldsmith and other attendees at the lecture assert that the “Holy Grail” of cyberwarfare is to quickly and accurately map out the network of an attacker or defender. Such a map could produce a decisive advantage, just as understanding the local geography of a country is a crucial advantage in real-world warfare.
Goldsmith is the lead scientist on a project creating intelligent white hat software agents that enable networks to be self defending.
Enterprise intrusion detection software in the future may include network topography and intelligent agents in a collective to improve its effectiveness. The developers of high-level enterprise architecture policies, including service-oriented architectures, will need to consider where and how to build in a level of autonomous intelligence into networks.
In an address Feb. 26 at an Armed Forces Communications and Electronics Association meeting in Baghdad, Sorenson called for greater information sharing on a single communications network.
http://gcn.com/Articles/2009/03/10/Cyberattack-mapping.aspx