Information Technology Reference
In-Depth Information
(2) the “Hacker Agent” performs attacks against computer network. In the developed
version of Attack Simulator each agent class has single instance although the devel-
oped technology makes it possible to simulate a team of hackers and a team of agents
responsible for computer network security [11].
The aforementioned agents are implemented (Fig. 2) on the basis of the technology
supported by Multi-Agent System Development Kit (MASDK) that is a multi-agent
software tool aiming at support of the design and implementation of multi-agent sys-
tems of a broad range [6]. Attack Simulator comprises the multitude of reusable com-
ponents generated by use of the MASDK standard functionalities and application-
oriented software components developed in MS Visual C++.
Each agent operates using the respective fragment of the application ontology that
is designed by use of an editor of MASDK facilities. The interaction between agents
in the process of attack simulation is supported by the communication environment,
which design and implementation is also supported by MASDK.
Fig. 2. Component Models of Hacker and Network Agents
The communication component plays a very important role in the Attack Simula-
tor. Indeed, the knowledge bases of Network Agent and Hacker Agent are imple-
mented as two separate entities. An advantage of such a knowledge representation
makes it actually possible to simulate adversary interactions. Such a model adequately
implements interactions of the both above opposite sides. In it, while simulating an
attack Hacker Agent sends a certain message to Network Agent. Network Agent, like
this takes place in real-life interactions, analyzes the received message and forms a
responsive message. This message is formed based on the Network Agent's knowl-
edge base that models the network configuration and all its attributes needed to simu-
late the real-life response. The Network Agent's knowledge base also uses informa-
tion about possible existing attacks and reaction of the network.
Hacker Agent Kernel contains a standard set of functions needed for exploiting on-
tology and running state machines. It is also provided with functions that call specifi-
cation of attack task, compute next state-machine transition as well as initiate and
Search WWH ::




Custom Search