System Dynamics Modeling and Simulation of Enterprise Computer Security

Abstract

To support decision-making, training, and understanding complex trends in enterprise computer security, we have built an executable model representing the major components of an organization's computer security, including its machines, users, administrators, countermeasures, and attacks. We use "if-then" rules to express behaviors, incorporating the notions of "archetypes", i.e. frequently-observed patterns of system behavior, and "system dynamics", a discipline which views system behavior in terms of stocks and feedback loops. This thesis describes the model, and then discusses several archetypal behaviors and their results, namely: Symptomatic Fixes (or "Shifting the Burden"), Escalation, and Escalation combined with Limits to Growth. Simulation is used to display these behaviors quantitatively, and to show the effects of possible solutions. We conclude by discussing how such results can be useful for practical computer security, and how this model can both feed off other security research and fuel it.