A Stochastic Model of Computer Intrusions for Evaluation and Exercises
Robert P. Goldman, (SIFT, LLC), firstname.lastname@example.org
Research and practice in computer intrusion defense is hampered by the great difficulty of conducting repeatable experiments and exercises. We have drawn on recent work in artificial intelligence action modeling to design a flexible simulation environment for computer intrusions. A key component of this model is a relatively intelligent simulated attacker, built using techniques of goal-directed procedure invocation. We hope that the resulting approach will provide a good trade-off between fidelity of modeling and the ability to repeatably exercise computer security techniques.