Emulation automation and model checking
| DWPI Title: Method for automating emulations of target by using e.g. computer, involves delivering task commands to guest actor programs to imitate real user behavior by director programs, and presenting imitated behavior to user through interface |
| Abstract: A method of automating emulations is provided. The method comprising collecting publicly available network data over a predefined time interval, wherein the collected network data might comprise structured and unstructured data. Any unstructured data is converted into structured data. The original and converted structured data is stored in a database and compared to known network vulnerabilities. An emulated network is created according to the collected network data and the comparison of the structured data with known vulnerabilities. Virtual machines are created to run on the emulated network. Director programs and guest actor programs are run on the virtual machines, wherein the actor programs imitate real user behavior on the emulated network. The director programs deliver task commands to the guest actor programs to imitate real user behavior. The imitated behavior is presented to a user via an interface. |
| Use: Method for automating emulations of a target by using a client device such as computer, workstation and network computer. |
| Advantage: The method involves collecting publicly available network data over a predefined time interval, so that the collected network data is provided with structured and unstructured data to identify breadth, scope and location of, where the emulation is placed when creating an emulation environment and to automatically create models of networks that can be used to monitor activity across a network to assess potential risks to the network. |
| Novelty: The method (500) involves comparing stored structured data to known network vulnerabilities (508), where the structured data is stored in a database i.e. multi-model database based on non-SQL storage objects, in a columnar manner. An emulated network is created (510) according to the collected network data and the comparison of the stored structured data with known vulnerabilities. A number of virtual machines is created (512) to run on the emulated network. A number of director programs is run (514) on the virtual machines. A number of guest actor programs is run (516) on the virtual machines, where the actor programs imitate real user behavior on the emulated network and the virtual machines emulate a host and network environment. Task commands are delivered (518) to the guest actor programs to imitate real user behavior by the director programs. The imitated behavior is presented (520) to a user through an interface. |
| Filed: 11/10/2020 |
| Application Number: US17094542A |
| Tech ID: SD 15295.0 |
| This invention was made with Government support under Contract No. DE-NA0003525 awarded by the United States Department of Energy/National Nuclear Security Administration. The Government has certain rights in the invention. |
| Data from Derwent World Patents Index, provided by Clarivate All rights reserved. Republication or redistribution of Clarivate content, including by framing or similar means, is prohibited without the prior written consent of Clarivate. Clarivate and its logo, as well as all other trademarks used herein are trademarks of their respective owners and used under license. |