Capabilities of potential cyber aggressor on the example of developed universal simulator of active multiwave cyber attack are considered and analyzed. Weaknesses of standard methods of timely identification and detection of potential threats and active cyber attacks are revealed. Possibility of parallel attack with mutual support of parallel processes, with application of several waves at certain intervals, including cyclic waves of cyber attacks, with blocking of system services of Windows OS, temporary disconnection and disruption of input–output and information display systems, etc. by means of special program codes in the process of simulator development has been revealed. The possibility of application and implementation of this simulator of active multi-wave cyber attack in the system of training of specialists in the field of cyber security is analyzed and evaluated. Being a terminate-and-stay resident program, this simulator is skillfully disguised, runs at certain intervals of cyber attack waves. Thus, it disrupts activities on elimination of cyber attacks carried out on the system, thus creating conditions that are as close as possible to real conditions of attacks, which in turn in the future will allow cybersecurity specialists to make swift and, most importantly, correct decisions in extreme conditions of cyberthreats.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Development and Application of an Active Cyber Attack Simulator

  • Bayrammyrat Atamanov,
  • Maksat Churiyev,
  • Maral Geldiyeva,
  • Dunyagozel Charyyeva,
  • Baymyrat Gafurov

摘要

Capabilities of potential cyber aggressor on the example of developed universal simulator of active multiwave cyber attack are considered and analyzed. Weaknesses of standard methods of timely identification and detection of potential threats and active cyber attacks are revealed. Possibility of parallel attack with mutual support of parallel processes, with application of several waves at certain intervals, including cyclic waves of cyber attacks, with blocking of system services of Windows OS, temporary disconnection and disruption of input–output and information display systems, etc. by means of special program codes in the process of simulator development has been revealed. The possibility of application and implementation of this simulator of active multi-wave cyber attack in the system of training of specialists in the field of cyber security is analyzed and evaluated. Being a terminate-and-stay resident program, this simulator is skillfully disguised, runs at certain intervals of cyber attack waves. Thus, it disrupts activities on elimination of cyber attacks carried out on the system, thus creating conditions that are as close as possible to real conditions of attacks, which in turn in the future will allow cybersecurity specialists to make swift and, most importantly, correct decisions in extreme conditions of cyberthreats.