Network defensive posture demonstrator – System description and work plan

PDF

Authors
  1. Henderson, G.
  2. Bacic, E.
  3. Tremblay, L.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN);BELL CANADA, OTTAWA ONT (CAN)
Abstract
The Network Information Operations (NIO) section at DRDC Ottawa is performing work under the Dynamic Computer Network Defence (CND) Applied Research Project, the goal of which is to provide network operators with situational awareness of their network. Crucial to this awareness is the knowledge of what assets residing on their network are critical to their operations, and what assets on their networks are exposed, that is, have a vulnerability that would allow an adversary to violate the confidentiality, integrity or availability of the asset. The NIO section has defined the combination of these two elements as network defensive posture: the set of exposed, critical resources on the network. Further, the defensive posture of a network is dynamic. The network critical resources may change with time in response to changing missions and operational priorities. At the same time, the network state can be altered by new software installations, the discovery of new vulnerabilities in existing software, changes to firewall rules, and other network events. Both types of changes affect the defensive posture. A milestone in the Dynamic CND project is to create a demonstrator of a network defensive posture system. This contract addresses this requirement, and will provide an environment in which researchers at DRDC Ottawa can continue their work. Through previous investigation, we have determined that the MulVAL open-source software package is appropriate for our needs, and as such will

Il y a un résumé en français ici.

Report Number
DRDC-OTTAWA-CR-2009-133 — Contractor Report
Date of publication
01 Aug 2009
Number of Pages
60
DSTKIM No
CA032870
CANDIS No
532084
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: