Research Summaries

Back High-Fidelity Digital Twins for Cyber Ops

Fiscal Year 2021
Division Research & Sponsored Programs
Department Naval Research Program
Investigator(s) Shaffer, Alan B.
Ramsey, Brittany L.
Prince, Charles D.
Singh, Gurminder
Sponsor NPS Naval Research Program (Navy)
Summary For a PCTE to be used effectively for developing, testing and practicing offensive cyber operations (OCO) and for playing back cyber mission data for the purposes of defensive cyber operations (DCO), it must faithfully represent the network infrastructure of interest. The PCTE should be a “Digital Twin” of the network for which OCO or DCO are being executed. Currently, digital twins (DTs) virtualize the physical network of interest using the COTS hypervisors. These DTs are however limited to creating environments which can represent software and network connectivity but are unable to represent hardware characteristics (e.g. the temperature of the computer or the ambient light around it). This limits the types of OCOs that can be developed and tested. For example, without the capability to represent the core temperature of the computer, one could not develop and test the latest attack on MS-Windows computers that crashed computers by heating them up (https://www.schneier.com/blog/archives/2020/04/emotat_malware_.html). Also, there have been attacks on MacBook batteries (https://www.theregister.co.uk/2011/07/22/mac_battery_hack/). Hardware/firmware cyberattacks are a serious reality! We are working on high fidelity (HiFi) hypervisors so that DTs will more realistically represent the intended system. See MS (CS) thesis: LT Corey Ingraham (2019), “High-Fidelity Virtualization for Cyber Operations” and ongoing research by LCDR Chris Norine, “Artifact Mitigation in High-Fidelity Virtualization”. We propose extended COTS hypervisors to support realistic DTs. Our key questions are: Which hypervisor extensions support HiFi DTs for cyber mission replays? How can COTS hypervisors be extended to support needed features? We will examine the state of technologies/tools for assessing limitations of COTS hypervisors to support HiFi DTs for PCTEs. Based on the results of this analysis, we will extend a hypervisor.
Deliverables: QPRs, M.Sc. thesis, Final Report
Keywords digital twins virtualization cyber security cybersecurity DCO OCO
Publications Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal
Data Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal