Publications

17 Results

Emulation Platform for Cyber Analysis of Wireless Communication Network Protocols

Van Leeuwen, Brian P.; Eldridge, John M.

Wireless networking and mobile communications are increasing around the world and in all sectors of our lives. With increasing use, the density and complexity of the systems increase with more base stations and advanced protocols to enable higher data throughputs. The security of data transported over wireless networks must also evolve with the advances in technologies enabling more capable wireless networks. However, means for analysis of the effectiveness of security approaches and implementations used on wireless networks are lacking. More specifically, a capability to analyze the lower-layer protocols (i.e., Link and Physical layers) is a major challenge. An analysis approach that incorporates protocol implementations without the need for RF emissions is necessary. In this research paper several emulation tools and custom extensions that enable an analysis platform to perform cyber security analysis of lower layer wireless networks are presented. A use case of a published exploit in the 802.11 (i.e., WiFi) protocol family is provided to demonstrate the effectiveness of the described emulation platform.

SpaceWire model development technology for satellite architecture

Van Leeuwen, Brian P.; Eldridge, John M.; Leemaster, Jacob E.

Packet switched data communications networks that use distributed processing architectures have the potential to simplify the design and development of new, increasingly more sophisticated satellite payloads. In addition, the use of reconfigurable logic may reduce the amount of redundant hardware required in space-based applications without sacrificing reliability. These concepts were studied using software modeling and simulation, and the results are presented in this report. Models of the commercially available, packet switched data interconnect SpaceWire protocol were developed and used to create network simulations of data networks containing reconfigurable logic with traffic flows for timing system distribution.

Joint Architecture Standard (JAS) Reliable Data Delivery Protocol (RDDP) specification

Hunt, Richard D.; Enderle, Justin W.; Gallegos, Daniel E.; Eldridge, John M.; Daniels, James W.

The Joint Architecture Standard (JAS) program at Sandia National Laboratories requires the use of a reliable data delivery protocol over SpaceWire. The National Aeronautics and Space Administration at the Goddard Spaceflight Center in Greenbelt, Maryland, developed and specified a reliable protocol for its Geostationary Operational Environment Satellite known as GOES-R Reliable Data Delivery Protocol (GRDDP). The JAS program implemented and tested GRDDP and then suggested a number of modifications to the original specification to meet its program specific requirements. This document details the full RDDP specification as modified for JAS. The JAS Reliable Data Delivery Protocol uses the lower-level SpaceWire data link layer to provide reliable packet delivery services to one or more higher-level host application processes. This document specifies the functional requirements for JRDDP but does not specify the interfaces to the lower- or higher-level processes, which may be implementation-dependent.

Performing cyber security analysis using a live, virtual, and constructive (LVC) testbed

Proceedings - IEEE Military Communications Conference MILCOM

Van Leeuwen, Brian P.; Urias, Vincent U.; Eldridge, John M.; Villamarin, Charles; Olsberg, Ronald R.

Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems of computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed new methods to combine these evaluation platforms into a cyber Live, Virtual, and Constructive (LVC) testbed. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a target system, it is critical to represent realistically the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber LVC testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single computing platform. This provides an "experiment-in-a-box" capability. The result is rapidly produced, large scale, relatively low-cost, multi-fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations.

Cyber security analysis testbed : combining real, emulation, and simulation

Van Leeuwen, Brian P.; Urias, Vincent U.; Eldridge, John M.; Villamarin, Charles

Cyber security analysis tools are necessary to evaluate the security, reliability, and resilience of networked information systems against cyber attack. It is common practice in modern cyber security analysis to separately utilize real systems of computers, routers, switches, firewalls, computer emulations (e.g., virtual machines) and simulation models to analyze the interplay between cyber threats and safeguards. In contrast, Sandia National Laboratories has developed novel methods to combine these evaluation platforms into a hybrid testbed that combines real, emulated, and simulated components. The combination of real, emulated, and simulated components enables the analysis of security features and components of a networked information system. When performing cyber security analysis on a system of interest, it is critical to realistically represent the subject security components in high fidelity. In some experiments, the security component may be the actual hardware and software with all the surrounding components represented in simulation or with surrogate devices. Sandia National Laboratories has developed a cyber testbed that combines modeling and simulation capabilities with virtual machines and real devices to represent, in varying fidelity, secure networked information system architectures and devices. Using this capability, secure networked information system architectures can be represented in our testbed on a single, unified computing platform. This provides an 'experiment-in-a-box' capability. The result is rapidly-produced, large-scale, relatively low-cost, multi-fidelity representations of networked information systems. These representations enable analysts to quickly investigate cyber threats and test protection approaches and configurations.

A report on IPv6 deployment activities and issues at Sandia National Laboratories:FY2007

Eldridge, John M.; Maestas, Joseph H.; Hu, Tan C.; Tolendino, Lawrence F.

Internet Protocol version 4 (IPv4) has been a mainstay of both the Internet and corporate networks for delivering network packets to the desired destination. However, rapid proliferation of network appliances, evolution of corporate networks, and the expanding Internet have begun to stress the limitations of the protocol. Internet Protocol version 6 (IPv6) is the replacement protocol that overcomes the constraints of IPv4. As the emerging Internet network protocol, SNL needs to prepare for its eventual deployment in international, national, customer, and local networks. Additionally, the United States Office of Management and Budget has mandated that IPv6 deployment in government network backbones occur by 2008. This paper explores the readiness of the Sandia National Laboratories network backbone to support IPv6, the issues that must be addressed before a deployment begins, and recommends the next steps to take to comply with government mandates. The paper describes a joint work effort of the Sandia National Laboratories ASC WAN project team and members of the System Analysis & Trouble Resolution, the Communication & Network Systems, and Network System Design & Implementation Departments.

Final report for the network authentication investigation and pilot

Witzke, Edward L.; Eldridge, John M.; Miller, Marc M.; Wiener, Dallas W.; Dautenhahn, Nathan D.

New network based authentication mechanisms are beginning to be implemented in industry. This project investigated different authentication technologies to see if and how Sandia might benefit from them. It also investigated how these mechanisms can integrate with the Sandia Two-Factor Authentication Project. The results of these investigations and a network authentication path forward strategy are documented in this report.

A report on FY06 IPv6 deployment activities and issues at Sandia National Laboratories

Eldridge, John M.; Hu, Tan C.; Tolendino, Lawrence F.

Internet Protocol version 4 (IPv4) has been a mainstay of both the Internet and corporate networks for delivering network packets to the desired destination. However, rapid proliferation of network appliances, evolution of corporate networks, and the expanding Internet have begun to stress the limitations of the protocol. Internet Protocol version 6 (IPv6) is the replacement protocol that overcomes the constraints of IPv4. IPv6 deployment in government network backbones has been mandated to occur by 2008. This paper explores the readiness of the Sandia National Laboratories' network backbone to support IPv6, the issues that must be addressed before a deployment begins, and recommends the next steps to take to comply with government mandates. The paper describes a joint work effort of the Sandia National Laboratories ASC WAN project team and members of the System Analysis & Trouble Resolution and Network System Design & Implementation Departments.

An evaluation of Access Tier local area network switches

Eldridge, John M.; Olsberg, Ronald R.

This report tabulates the Test and Evaluation results of the Access Class Switch tests conducted by members of Department 9336. About 15 switches were reviewed for use in the enterprise network as access tier switches as defined in a three tier architecture. The Access Switch Tier has several functions including: aggregate customer desktop ports, preserve and apply QoS tags, provide switched LAN access, provide VLAN assignment, as well as others. The typical switch size is 48 or fewer user ports. The evaluation team reviewed network switch evaluation reports from the Tolly Group as well as other sources. We then used these reports as a starting point to identify particular switches for evaluation. In general we reviewed the products of dominant equipment manufacturers. Also, based on architectural design requirements, the majority of the switches tested were of the relatively small monolithic unit variety.

Final Report for the Quality of Service for Networks Laboratory Directed Research and Development Project

Eldridge, John M.; Tarman, Thomas D.; Brenkosh, Joseph P.; Dillinger, John D.; Michalski, John T.

The recent unprecedented growth of global network (Internet) usage has created an ever-increasing amount of congestion. Telecommunication companies (Telco) and Internet Service Providers (ISP's), which provide access and distribution through the network, are increasingly more aware of the need to manage this growth. Congestion, if left unmanaged, will result in a degradation of the over-all network. These access and distribution networks currently lack formal mechanisms to select Quality of Service (QoS) attributes for data transport. Network services with a requirement for expediency or consistent amounts of bandwidth cannot function properly in a communication environment without the implementation of a QoS structure. This report describes and implements such a structure that results in the ability to identify, prioritize, and police critical application flows.
