CyberSim – Dec03-06

Final Report

Client: Information Assurance Center

Faculty Advisor: Doug Jacobson

Team Members: Ryan Applegate

Saddam Khattak

Dan Nguyen

Adam Straw

11/18/03

Table of Contents

1 Frontal Materials

1.1 List of Figures

1.2 List of Tables

1.3 List of Definitions

2 Introductory Materials

2.1 Executive Summary

2.1.1 Need for the Project

2.1.1.1 Project Activities

2.1.1.2 Researched Technical Approach

2.1.1.3 Infrastructure

2.1.1.4 Game Development Research

2.1.1.5 Network Security Research

2.1.1.6 Documentation

2.1.2 Final Results

2.1.3 Recommendations for Follow-on Work

2.2 Acknowledgement

2.3 Problem Statement

2.3.1 General Problem Statement

2.3.2 General Solution-Approach Statement

2.4 Operating Environment

2.5 Intended User(s) and Use(s)

2.5.1 Intended Users

2.5.2 Intended Uses

2.6 Assumptions and Limitations

2.6.1 Assumptions

2.6.2 Limitations

2.7 Expected End Product and Other Deliverables

3 Project Approach and Results

3.1 End Product Functional Requirements

3.1.1 Requirements of Documents

3.1.2 Requirements of Implemented Game (in the future)

3.2 Resultant Design Constraints

3.3 Approaches Considered and One Used

3.3.1 Technical Approach Considerations and Results

3.3.2 Technologies Considered

3.3.3 Advantages and Disadvantages of Each Technology

3.3.4 Selected Technology

3.3.5 Reasons for Selection

3.4 Detailed Design

3.4.1 Introduction

3.4.1.1 Game Overview

3.4.1.2 Purpose of the Game

3.4.2 Detailed Gameplay Description

3.4.2.1 Detailed Walkthrough of the Game

3.4.3 User Interface and Controls

3.4.3.1 Description of User Interface

3.4.3.2 Game Screens

3.4.3.2.1 Introduction/Splash Screen

3.4.3.2.2 Menu Screen

3.4.3.2.3 Start New Game Screen

3.4.3.2.4 Load Game Screen

3.4.3.2.5 Options Screen

3.4.3.2.6 Network Topology Screen

3.4.3.2.7 Office View Screen

3.4.3.2.8 Properties Screen

3.4.3.2.9 Email Client Screen

3.4.3.2.10 Company Status Screen

3.4.3.2.11 Purchasing Screen

3.4.3.2.12 History Screen

3.4.4 Game Data

3.4.4.1 Statistics and Variables

3.4.4.1.1 Game Variables

3.4.4.1.1.1 Player Name

3.4.4.1.1.2 Difficulty Level

3.4.4.1.1.3 Game Speed

3.4.4.1.1.4 Sound Volume

3.4.4.1.1.5 Music Volume

3.4.4.1.2 Company Variables, Uncontrollable

3.4.4.1.2.1 Income

3.4.4.1.2.2 Size

3.4.4.1.2.3 Morale

3.4.4.1.2.4 Productivity

3.4.4.1.2.5 Prestige/Stock Price

3.4.4.1.2.6 User Expertise

3.4.4.1.2.7 Systems Status

3.4.4.1.3 Company Variables, Controllable

3.4.4.1.3.1 User Training

3.4.4.1.3.2 Systems Maintenance

3.4.5 Higher Level Design

3.4.5.1 Game Engine Structure

3.4.5.1.1 Engine Composition

3.4.5.1.2 The Game Cycle

3.4.5.2 How Attacks Work

3.4.5.2.1 Attack Class

3.4.5.2.2 The Life of an Attack

3.4.5.2.2.1 Attack Prevention Stage

3.4.5.2.2.2 Attack Detection Stage

3.4.5.2.2.3 Attack Damage Stage

3.4.5.2.2.4 Relation Between Attacks and Defenses

3.4.5.2.3 Included Attacks

3.4.5.2.3.1 Virus

3.4.5.2.3.2 Worm

3.4.5.2.3.3 Social Engineering

3.4.5.2.3.4 Physical Access

3.4.5.2.3.5 Eavesdropping

3.4.5.2.3.6 Password Access

3.4.5.2.3.7 Denial of Service

3.4.5.3 Defenses

3.4.5.3.1 The Defense Class

3.4.5.3.2 Included Defenses

3.4.5.3.2.1 Antivirus

3.4.5.3.2.2 Firewall

3.4.5.3.2.3 Access Control

3.4.5.3.2.4 Biometrics/Guards

3.4.5.3.2.5 Cryptography

3.4.5.3.2.6 User Expertise

3.4.5.3.2.7 Backups

3.4.5.3.2.8 Redundant Systems

3.4.5.3.3 How Defenses Defend

3.4.5.4 The Network

3.4.5.4.1 The Computer

3.4.5.4.2 Upgrading the Network

3.4.5.5 Economic Model

3.4.6 Multimedia

3.4.6.1 Graphics

3.4.6.1.1 Graphical User Interface

3.4.6.1.1.1 GUI Look-And-Feel

3.4.6.1.1.2 GUI Implementation

3.4.6.1.2 Graphical Perspective of Network Topology Screen

3.4.6.1.2.1 Network Topology Screen Look-And-Feel

3.4.6.1.2.2 Network Topology Screen Graphical Implementation

3.4.6.1.3 Graphical Perspective of Office Screen

3.4.6.1.3.1 Office Screen Look-and-Feel

3.4.6.1.3.2 Graphical Implementation of Office Screen

3.4.6.2 Music and Sound

3.4.6.2.1 Music

3.4.6.2.2 Sound

3.5 Implementation Process Description

3.5.1 Implementing the Back End

3.5.2 Implementing the GUI

3.5.3 Integrating Back End and GUI

3.5.4 Improvements to Implementation Process

3.6 End-Product Testing Description

3.6.1.1 How and where will the testing be performed?

3.6.1.2 Exactly what will be tested?

3.6.1.3 How will testing accuracy be determined?

3.6.1.4 What information is required on the forms that will be used to record the test results?

3.6.1.5 Who will do the testing and how will it be verified?

3.7 Project End Results

3.7.1 Detailed Design Document

3.7.2 Research Paper on Network Security

3.7.3 Code and Documentation for Resource File Manager

3.7.4 Infrastructure

4 Resources and Schedule

4.1 Resource Requirements

4.1.1 Personnel Effort

4.1.2 Other Resource Requirements

4.1.3 Estimated Project Costs

4.2 Schedules

4.2.1 Tasks versus Project Calendar Chart

4.2.2 Project Deliverables Chart

5 Closure Materials

5.1 Project Evaluation

5.2 Commercialization

5.3 Recommendation for Additional Work

5.4 Lessons Learned

5.4.1 Successes

5.4.2 Failures

5.4.3 Technical Knowledge Gained

5.4.4 Non-technical Knowledge Gained

5.4.5 Different Approaches

5.5 Risk and Risk Management

5.5.1 Anticipated Potential Risks and Planned Management Thereof

5.5.2 Anticipated Risks Encountered and Success in Management Thereof

5.5.3 Unanticipated Risks Encountered and Success in Management Thereof

5.5.4 Resultant Changes in Risk Management Made Because of Encountered Unanticipated Risks

5.6 Project Team Management

5.6.1 Client Contact Information

5.6.2 Faculty Advisor Contact Information

5.6.3 Team Members Contact Information

5.7 Closing Summary

5.8 References

5.8.1 Programming References

5.8.1.1 Code Documentation

5.8.1.2 OpenGL Walkthroughs

5.8.2 Network Systems References

5.8.2.1 Network Guides and Information

5.8.2.2 Network Security Information

5.8.2.3 Network Security Issues and Current Events

5.8.2.4 Gaming Theory and Issues

5.9 Appendices

5.9.1 APPENDIX A – Sample DirectX Code for GUI

1 Frontal Materials

This section contains information about the document including a list of figures, list of tables, and a list of definitions.

1.1 List of Figures

The following contains a list of figures for the document.

  • Figure 3.4.4.1.2.7 Relationship between company variables
  • Figure 3.4.6.1.2.1 A sample topology screen from CyberProtect™
  • Figure 3.4.6.1.3.1 Sample screen from The Sims™
  • Figure 3.4.6.1.3.2 Texture mapped cube

1.2 List of Tables

The following contains a list of tables for the document.

  • Table 3.3.3a Advantages/Disadvantages of C / OpenGL
  • Table 3.3.3b Advantages/Disadvantages of Java / Java3D
  • Table 3.3.3c Advantages/Disadvantages of Macromedia Director
  • Table 4.1.1a Original Personnel Effort Requirements
  • Table 4.1.1b Revised Personnel Effort Requirements
  • Table 4.1.1c Actual Personnel Effort Requirements
  • Table 4.1.2a Original Other Resource Requirements
  • Table 4.1.2b Revised Other Resource Requirements
  • Table 4.1.2c Actual Other Resource Requirements
  • Table 4.1.3a Original Estimated Project Costs
  • Table 4.1.3b Revised Estimated Project Costs
  • Table 4.1.3c Actual Project Costs
  • Table 5.6.1 Client Contact Information
  • Table 5.6.2 Faculty Advisor Contact Information
  • Table 5.6.3a Team Leader Contact Information
  • Table 5.6.3b Communication Coordinator Contact Information
  • Table 5.6.3c Team Member Contact Information
  • Table 5.6.3d Team Member Contact Information

1.3 List of Definitions

The following is a list of definitions used in the document.

  • Buffer overflow – Technique for crashing or gaining control of a computer by sending more data to a buffer in the computer’s memory than the buffer can hold.
  • Crackers – Hackers for hire who break into computer systems to steal valuable information for their own financial gain.
  • Cyber squatting – Buying domain names like or and then selling them for a big profit (just like a personalized number plate).
  • Denial of service – By intentionally flooding a website with too many requests for information, an attacker can effectively clog the system, slowing performance or even crashing the site.
  • Dumpster diving – Sifting through a company’s garbage to find information to help break into their computers.
  • Eavesdropping – An intruder reroutes all traffic through his/her machine.
  • Hacker – A person who explores programming systems in detail and who seeks to extend his knowledge in this field. The term is also used for persons who illegally break into computer systems. White-hat hackers are the good guys who are excited by the intellectual challenge of tearing apart computer systems to improve computer security. Black-hat hackers are desperadoes on the Net out to crash systems, steal passwords, and generally wreak as much havoc as possible.
  • Insiders – Disgruntled employees working solo or in concert with outsiders to compromise corporate systems.
  • Logic bombs – An instruction in a computer program that triggers a malicious act.
  • Malicious applets – Tiny programs, sometimes written in Java, which misuse a computer’s resources to modify files on the hard disk, send fake e-mail, or steal passwords.
  • Password crackers – Those who possess software that can guess passwords.
  • Phreaking – The act of pirating telephone networks. Since they spend long hours trying to get access to phone lines, the majority of hackers are also phreakers. Moreover, since modern telephone exchanges are computerized, it becomes possible for phreakers to control the network as easily as an employee of the telephone company.
  • Scans – Widespread probes of the Internet to determine types of computers, services, and connections. This way one can take advantage of the weaknesses in a particular make of computer or software program.
  • Script bunnies – Amateur hackers with little technical savvy who download program-scripts that automate the job of breaking into computers.
  • Sniffer – A program that covertly searches individual packets of data as they pass through the Internet, capturing passwords or the entire contents.
  • Spoofing – Faking an e-mail address or a web page to trick users into passing along critical information like passwords or credit-card numbers.
  • Trojan horses – Software programs that hide another program. For example, if a word-processing program is also made by its programmer to search for valid applications and erase all other word-processing software, it is a Trojan horse. It is also possible to use a Trojan horse to introduce a virus on a computer.
  • Viruses – Programs that can reproduce in a computer and infect other programs. A virus is transmitted from one computer to another when an infected program is copied. Viruses can be programmed to be harmful, for example, by erasing all of the machine’s data on a precise date.
  • War dialing – Programs that automatically dial thousands of telephone numbers in search of a way in through a modem connection.
  • Worms – A worm differs from a virus in that it transfers itself from one computer to the other through a network.
  • Version control system – A system to keep track of multiple versions of software and configurations, allowing multiple programmers to work simultaneously on the same software.
  • Integrated development environment – A development environment that integrates the software tools used by programmers to aid in their software development. It provides options and features that help the programmer be productive and efficient.
  • Resource File Manager – Software used to manage the resource files needed for the project. It provides options for the programmer to load, save, and delete files from the resource files as needed for the implementation of the project.

2 Introductory Materials

This section contains basic information about the project including the executive summary, acknowledgement, problem statement, operating environment, intended users and uses, assumptions and limitations, and the expected end product and deliverables.

2.1 Executive Summary

This section contains a summary of the project including the need for the project, project activities, final results and recommendations for follow-on work.

2.1.1 Need for the Project

CyberSim is an intriguing and challenging project. Its design and implementation will be a beneficial learning tool for the engineers in charge of its creation, and the final product will provide a fun and effective way to learn about network security.

As society’s use of the Internet continues to grow, so does the need for network security and for people educated in the subject. There are currently very few games about network security, and even fewer that have any educational value. CYBER Sim would be one of the first of its kind.

2.1.1.1 Project Activities

CyberSim is a large project, not something that can be completed in one term. The activities in this first term centered on laying a foundation for future teams to build on. The pieces of this foundation are outlined in the following sections.

2.1.1.2 Researched Technical Approach

Much work was put into researching the technical approach for the project. In summary, C or C++ with OpenGL will be used in the Microsoft Visual Studio .NET integrated development environment. Microsoft Visual SourceSafe will be used as the version control system. Any necessary database will be implemented with text files.

2.1.1.3 Infrastructure

The groundwork has been laid for development. A version control system, Microsoft Visual SourceSafe, was set up on a server on one of Dr. Jacobson’s machines. It can be accessed by any future team. Two means of communication were set up: email and a discussion group. The email address, , can be used to communicate with past and present team members. A discussion group was established at that can be used for posting ideas and group communication. The integrated development environment, Microsoft Visual Studio .NET, was integrated with Microsoft Visual SourceSafe. Microsoft Visual Studio .NET can be used to develop the code for the project. A document was created explaining the different pieces of infrastructure and how to access and use each piece.

2.1.1.4 Game Development Research

Much research went into game development. Most of this research is included in the design. Research was also done on a resource file manager. This research is not included in the design. The resource file manager is code, licensed from gamedev.net, checked into the version control system. There is a document, also on the version control system, which explains the details of the resource file manager and how to implement it.

2.1.1.5 Network Security Research

Research on the topic of network security was done to provide the game with educational context. This research is in the form of a document on the version control system, and also included in the design.

2.1.1.6 Documentation

Documentation includes the required documents: project plan, project poster, design report, and this final report. Each of these documents was continuously improved throughout the semester. This final report, which contains information from the project plan and the design report, can be considered the final draft of both the project plan and design report.

The daily activities this term centered on discussion and documentation. From time to time the team would try to implement parts of the project, but would inevitably come to realize that the design was not fully complete and thus more discussion and documentation was needed.

2.1.2 Final Results

The final results are a list of deliverables as follows:

  • Detailed design document: A high-level description of the design of CYBER Sim that serves as a walk-through for implementing the game.
  • Research paper on network security: A document describing the theory of network security and how it has informed the design of CYBER Sim. The content of this document will be incorporated into the game (for example, the descriptions of each network security component) to educate the players.
  • Code and documentation for Resource File Manager: The RFM is a mechanism that allows a game to access library and graphic files. The group has produced compiled code and documentation on how to use it.
  • Infrastructure: A version control system, mailing list, and discussion group have been set up for a CYBER Sim team to utilize.

2.1.3 Recommendations for Follow-on Work

The following are the recommendations for follow-on work:

  1. Reviewing and revising the document – A future group should review the document for comprehension and revise it as necessary to the needs of their group.
  2. Implementing the game – From the information and instructions given in the documents, a future group can implement CYBER Sim.
  3. Create graphics – A future group can create the art necessary to make CYBER Sim have a professional look-and-feel.
  4. Testing – After the game has been programmed, the future group should rigorously test the program for bugs.

2.2 Acknowledgement

Information Assurance Center

Dr. Doug Jacobson, Associate Professor

Iowa State University

2.3 Problem Statement

This section defines the problem and the solution in general terms.

2.3.1 General Problem Statement

The main problem was how to educate the general population about a concept that is both obscure and technical. Given the abstract nature of computer network security and its implementation, the task was to create an interactive game that would be both educational and entertaining, so that the user would gain a concrete understanding of the principles behind network security as well as an interest in pursuing the subject in further depth.

2.3.2 General Solution-Approach Statement

The solution was to model CYBER Sim after the popular Sim games. The Sim games have taken normally difficult and abstract topics, such as the building of a city or the genesis of life, and brought them down to a level that is easy to grasp and captivating for the player. The goal of CYBER Sim was to do the same with computer network security.

The design of CYBER Sim attempted to incorporate the features that have made the Sim games so well received, including:

  • Functional graphical interface
  • Strategic elements to the game play
  • Easy learning curve and intuitive controls
  • Compelling presentation of the theory and conceptual ideas

2.4 Operating Environment

CYBER Sim was planned to be distributed by compact disc (CD), which is subject to wear. It was to be created to run on all versions of the Windows operating system from Windows 95 onward. Each of these operating systems has a different level of stability and different functionality that would need to be taken into account.

CYBER Sim was to be used on a wide range of computer systems, including relatively low-end ones. A low-end computer system could have one or more of: low memory, slow CPU speed, low hard disk space, or poor sound or video capabilities.

2.5 Intended User(s) and Use(s)

This section identifies the intended users and uses of the project.

2.5.1 Intended Users

The intended users of CYBER Sim were those who are interested in computer security and who like to play games. This ranged from middle school students to engineers and professors in the computer industry. CYBER Sim’s user-friendly and self-explanatory gameplay was planned to be easy for young adults to navigate, yet its strategic virus attacks would make it challenging for older adults.

2.5.2 Intended Uses

CYBER Sim was planned to be a marketable product and would be distributed by Iowa State University to high schools and other environments where it may be utilized as an educational tool.

2.6 Assumptions and Limitations

This section gives the assumptions and limitations for the project.

2.6.1 Assumptions

  • Users would possess basic knowledge of and have experience with computers
  • Users would have a CD-ROM drive
  • Users would have sufficient computing power
  • Computer would have at least a 300 MHz processor
  • Computer would have at least 30 MB of disk space
  • Computer would have at least 64 MB of memory
  • Users would be interested in computer security
  • Game would be played by only one player at a time
  • Users would have access to a Windows-based PC

2.6.2 Limitations

  • Quality art and music for the game was limited by time
  • The project must fit on a single CD-ROM (less than 700 MB)

2.7 Expected End Product and Other Deliverables

  • Project plan
  • Project poster
  • Design report
  • Infrastructure
  • Research
  • Game
  • Final report

The infrastructure will provide the groundwork for development. Infrastructure includes means of group communication, a version control system and an integrated development environment.

Research conducted on the topics of network security and game development will be delivered to the client. The network security research will be included in the game so that the user can learn about network security by playing the game. The game development research can be used by the developers in creating the game.

The game, CYBER Sim, will be distributed by Iowa State University when it is implemented. The program was designed to provide a framework that future efforts to expand the game can easily build on.