Ad Hoc Network Visualization

Transcription

1 Ad Hoc Network Visualization CMPSC 597G Module Name: Tactical Network Visualization with VisualCyberVAN with VisualCyberVAN Professor Patrick McDaniel Joshua Crafts Fall 2015

2 The Ontology of Network Security The overall objective of the Cyber Security CRA is to develop a fundamental understanding of cyber phenomena, including aspects of human attackers, cyber defenders, and end users, so that fundamental laws, theories, and theoretically grounded and empirically validated models can be applied to a broad range of Army domains, applications, and environments. To meet these goals with respect to understanding networks, we use the CyberVAN testbed developed by ACS. Any suitable testbed for network security, like CyberVAN, needs to be oriented toward replicating real tactical networks.

3 Tactical Networks Are Mobile Ad Hoc Networks (MANETs) Are wireless, and based on radio communication Nodes can function as routers Nodes can enter and exit the network at any time Nodes are not fixed and can move location Consequently, topology is dynamic Testbed must create Virtual Ad Hoc Networks (VANs) which share these properties to ensure consistency with the real world scenarios studied

4 CyberVAN ACS s CyberVAN uses distributed resources to facilitate MANET simulation with the following features: Dynamic addition/deletion/modification of network endpoints Ability to run automated and concurrent tests on a network scenario Large scale simulations at varying time granularity using time sync

5 The Problem: Situational Awareness The overall objective of the Cyber Security CRA is to develop a fundamental understanding of cyber phenomena since there are no dedicated routers, every node participates in packet forwarding, i.e. every node is a router; since the location of a node is not fixed and nodes can enter and leave the network at any time, network topology is dynamic. Understanding a network is already complex; how can we meet our overall objective of understanding when we re talking about a network for which topology is dynamic?

6

7

8

9

10 The Answer: Visualization

11

12

13

14

15 Hardware/Deployment Visualization Show supporting hardware for CyberVAN deployment: Servers simulating endpoints Server running simulation Server viewing simulation Technical characteristics of deployment hardware

16

17

18

19 Fundamental Problems of Visualization Presenting the most useful information most obviously Understanding the most useful information at all levels of granularity (in time and space) Giving effective access to finer details without crowding the broad presentation (tooltips, color coding, connections, etc.) Using space effectively (graph of subnet connections, graph of subnet with endpoints, etc.) Grouping related objects (network nodes, servers, etc.)

20 How Can We Improve This? Currently, VisualCyberVAN displays the environment of an imported network scenario, the fundamental initial structure of the scenario. Sufficient visualization would show the progression of the scenario, and allow some level of control over how the scenario is observed as it progresses. We also want to be able to modify and export scenarios. We also want to be able to visualize network traffic as it occurs in the simulation.

21 Summary Network simulation is hard, particularly with tactical ad hoc networks Once the network is simulated, understanding the simulation or explaining it to the laymen is even harder To meet the overall goal of the CRA, we need some deeper level of understanding for this simulation testbed We need a visualization to effectively solve this problem Fundamental problems of visualization are based on effectively presenting the most useful information in the most obvious way at all levels of granularity The same method used to approach visualizing the environment can also be used to approach progression and traffic