Accession Number : ADA297701

Title :   Plan-Based Simulation of Malicious Intruders on a Computer System.

Descriptive Note : Master's thesis,

Corporate Author : NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s) : Roberts, Christopher C.

PDF Url : ADA297701

Report Date : MAR 1995

Pagination or Media Count : 49

Abstract : The problem addressed by this work was to reduce the time taken to train system administrators in detecting computer security problems in system audit logs. The approach taken was to develop a simulator which generates realistic audit logs that illustrate both non-malicious and malicious behavior. These logs can be used to train system administrators. The simulator was written in Prolog and used means-ends analysis to simulate seventeen combinations of general system functions which includes the following: logins, editing, file deletions, file copying, changing file access rights, obtaining superuser privileges, sending mail and logouts. The simulation manipulates virtual system files analogously to what real users do. This creates realistic audit file logs that include a mixture of normal and malicious activity. More impressive is that the entire source program requires only 19.1 kbytes of space, making it small enough to be compatible with a personal computer. (KAR) P. 2

Descriptors :   *DATA PROCESSING SECURITY, *TRAINING, *ADMINISTRATIVE PERSONNEL, *COMPUTER PERSONNEL, *INTRUSION DETECTION, *AUDITING, COMPUTERIZED SIMULATION, SOURCES, COMPUTERS, THESES, PROBLEM SOLVING, TIME, MICROCOMPUTERS, RECORDS, COMPUTER FILES, POSTAL SERVICE.

Subject Categories : Personnel Management and Labor Relations
      Computer Systems Management and Standards

Distribution Statement : APPROVED FOR PUBLIC RELEASE