abstract

Recent terrorist activities have heightened the need for protecting critical infrastructures. Web-Recent terrorist activities have heightened the need for protecting critical infrastructures. Web-based systems like the highly-interconnected power grids used in transportation, water, and based systems like the highly-interconnected power grids used in transportation, water, and bureaucracy management systems are especially vulnerable since there exists no satisfactory bureaucracy management systems are especially vulnerable since there exists no satisfactory means of evaluating their security risks. means of evaluating their security risks.

To meet this need, ISEAGE is creating a virtual internet to enable the research, design, and testing To meet this need, ISEAGE is creating a virtual internet to enable the research, design, and testing of cyber defense mechanisms. One component of the ISEAGE system, and the end product of this of cyber defense mechanisms. One component of the ISEAGE system, and the end product of this project, is the Network Specification and Report System. The specification system will allow the project, is the Network Specification and Report System. The specification system will allow the user to create a virtual computer network through a GUI tool, while the report system will enable user to create a virtual computer network through a GUI tool, while the report system will enable the user to evaluate an attack in pseudo-real time or post-simulation. With the integration of this the user to evaluate an attack in pseudo-real time or post-simulation. With the integration of this component into ISEAGE, users will be able to create and evaluate custom networks configured on component into ISEAGE, users will be able to create and evaluate custom networks configured on actual hardware and faced with real attacks, thus allowing for an accurate assessment of network actual hardware and faced with real attacks, thus allowing for an accurate assessment of network security.security.

AbstractAbstract

David Rodgers (ComS/CprE) David Rodgers (ComS/CprE)

Lijin Varghese (CprE)Lijin Varghese (CprE)

Derek Light (CprE) Derek Light (CprE)

Justin Magnini (CprE)Justin Magnini (CprE)

IntroductionIntroduction

Proposed Approach and ConsiderationsProposed Approach and Considerations

Project RequirementsProject Requirements

Estimated Resources and ScheduleEstimated Resources and Schedule

General Problem StatementGeneral Problem Statement

• ISEAGE lacks ability to allow a user to specify ISEAGE lacks ability to allow a user to specify custom computer networkscustom computer networks

• No functionality exists to allow the user to No functionality exists to allow the user to specify networks that represent physically specify networks that represent physically existing networks or potential networksexisting networks or potential networks

• ISEAGE needs the ability to allow the user to ISEAGE needs the ability to allow the user to track the simulationtrack the simulation

General Solution ApproachGeneral Solution Approach

• A graphical user interface will be created for A graphical user interface will be created for configuration of computer networksconfiguration of computer networks

• End product will be capable of being GIS-End product will be capable of being GIS-based to map physically existing networks into based to map physically existing networks into simulation or reflecting only topologysimulation or reflecting only topology

• A logically formatted document will enable the A logically formatted document will enable the tracking of network simulationtracking of network simulation

Operating EnvironmentOperating Environment

• The end product will function on Microsoft The end product will function on Microsoft Windows operating systemsWindows operating systems

• The end product may be compatible with other The end product may be compatible with other operating systems if the appropriate operating systems if the appropriate technology can be locatedtechnology can be located

Intended UsersIntended Users

• Groups desiring large-scale computer network Groups desiring large-scale computer network simulation (e.g., Department of Homeland simulation (e.g., Department of Homeland Security)Security)

• Groups desiring small-scale computer network Groups desiring small-scale computer network simulation (e.g., business owners, graduate simulation (e.g., business owners, graduate students)students)

Dr. Douglas W. JacobsonDr. Douglas W. Jacobson

dougj@iastate.edudougj@iastate.edu

http://seniord.ece.iastate.edu/may0525seniord.ece.iastate.edu/may0525/

Network Specification and Report Network Specification and Report System for ISEAGE (May05-25)System for ISEAGE (May05-25)

ISU Information Assurance CenterISU Information Assurance Center

Design ObjectiveDesign Objective

• Must be easy to useMust be easy to use• Must allow mapping of existing networksMust allow mapping of existing networks• Allow easy tracking of simulation outputAllow easy tracking of simulation output

Functional RequirementsFunctional Requirements

• A graphical user interface to configure a A graphical user interface to configure a networknetwork

• Mapping of existing networksMapping of existing networks• Viewing of ISEAGE simulation outputViewing of ISEAGE simulation output

Figure 4

Financial Budget

$5.00$20.00

$50.00$45.00

Poster

Printing

Binding

Miscellaneous

Figure 3

Personnel Effort in Hours

180

175 170

172

David Rodgers

Lijin Varghese

Derek Light

Justin Magnini

ConclusionConclusion

Technologies ConsideredTechnologies Considered

Platforms: Windows, BSD, Linux, Mac Platforms: Windows, BSD, Linux, Mac Graphics Library: FOX, FLTK, wxWindowsGraphics Library: FOX, FLTK, wxWindowsLanguages: C++, C#, JavaLanguages: C++, C#, Java

Testing ConsiderationsTesting Considerations

• Unit testing and system testingUnit testing and system testing• Graphical interface testing by client Graphical interface testing by client and outside usersand outside users

Intended UsesIntended Uses

• Design of computer networks operating Design of computer networks operating in ISEAGEin ISEAGE

• Map physically existing networks into Map physically existing networks into simulationsimulation

• Provide simulation tracking in a logical Provide simulation tracking in a logical and understandable mannerand understandable manner

AssumptionsAssumptions

• Software will allow configuration of only Software will allow configuration of only one network at a timeone network at a time

• To configure a different computer To configure a different computer network on one computer, user must network on one computer, user must open another copy of softwareopen another copy of software

LimitationsLimitations

• The software must run in the Windows The software must run in the Windows operating environmentoperating environment

• The software must be able to easily The software must be able to easily configure computer networks with or configure computer networks with or without physical relationshipswithout physical relationships

• The software must be able to specify The software must be able to specify IPv4 networks which is currently the IPv4 networks which is currently the most used on the Internetmost used on the Internet

Expected End ProductExpected End Product

• A program to enable a user to specify A program to enable a user to specify and map an IPv4 network the size of and map an IPv4 network the size of Iowa or smallerIowa or smaller

• A program allowing simulation tracking A program allowing simulation tracking through a logically formatted filethrough a logically formatted file

Project ScheduleProject Schedule

Proposed ApproachProposed Approach

• Discuss requirements with clientDiscuss requirements with client• Design classes and modulesDesign classes and modules• Implementation of classes and modulesImplementation of classes and modules• Testing of all componentsTesting of all components• Testing of unified wholeTesting of unified whole• Feedback forms for outside testersFeedback forms for outside testers• Client testing of graphical user interfaceClient testing of graphical user interface

Design ConstraintsDesign Constraints

• Software must provide fast network Software must provide fast network configurations, regardless of scaleconfigurations, regardless of scale

• An individual network can be configured by An individual network can be configured by only one useronly one user

• The software must run on Microsoft The software must run on Microsoft WindowsWindows

Measurable MilestonesMeasurable Milestones

• Project PlanProject Plan • Design ReportDesign Report• Final Implementation and ReportFinal Implementation and Report

The objective of this assignment is to create an interface which allows a large variety of people to create a large variety of networks using the same tool, and to do so quickly and easily. This requires a well-structured design. Additionally, the client will give frequent feedback to determine the usability of the software starting in the initial design stage and especially in the later testing stages. The final interface will be a product of this goal and approach.

ClientClient Faculty AdvisorFaculty Advisor Team MembersTeam Members Project Web SiteProject Web Site

Figure 1

Figure 2