Chapter 1: Introduction
Simulation involves the study of the behavior of a system through manipulation of a model. It is commonly preferred because it is cost-effective compared to the risks that would be involved in manipulating a real-life or live system (Alghazzawi, Hamid Hasan and SalimTrigui 2014, p. 26). Simulation has been used to explore new possibilities in processes and systems without incurring the costs of setting up and running such systems. Simulations can be grouped into three types: constructive, virtual and live simulations.
Constructive simulations
These types of simulations are performed in virtual platforms. The objects and entities involved in the simulation process are also virtual in nature (Kaul and Sharma 2013, p. 14). Examples of such simulation in computer security include defense scenarios, canned attacks and packet sniffers.
Virtual Simulation
This involves any form of simulation of real world entities in a virtual platform (Sherouse, Mosher, Novins, Rosenman, and Chaney 1987, p. 433).
Live Simulation
It represents real world entities such as objects and people in a real world environment (Chen and Howard 2010, p. 133). Role playing and packet wars are examples of live simulation in computer security. In the field of information systems security, simulation provides understanding of vulnerabilities and threats by enabling interaction between parts of a network and observation of the impact or effect on the system as a whole. Computer simulation has been used for vulnerability assessment, for understanding the propagation of new types of threats or malware, and for understanding the network topology of computer systems (Ingrassia, Ragazzoni, Carenzo, Colombo, Gallardo and Della Corte 2015, p. 121). In summary, simulation can be used for the research and development of threats and security measures, the analysis of attacks and countermeasures, and the testing of defenses and incident handling.
Computer systems can be large and complex. Consequently, in order to simulate them effectively, it is necessary to decouple the systems into parts and processes. In this case, the High Level Architecture (HLA), a technical framework developed by the US Department of Defense, is used to break a system into subsystems. This model also overcomes the problems of interoperability and reusability in applications. The HLA is used to link all the subsystems during simulation so that they can send and receive information between each other (Sheetlani 2017). In addition, the model enables new simulation systems to be added to existing ones and allows interoperability between operating systems and programming languages.
Chapter 2: Methodology and Implementation
In this simulation exercise, a Distributed Denial of Service (DDoS) attack is simulated. A hijacked botnet is used to attack a “peaceful” network. A DDoS is a flood attack in which a stable system is bombarded with packets in order to make a service unavailable to genuine users of the system (Kuzmanovic and Knightly 2007, p. 2717).
In the current simulation, the term “attacked” means that a relatively stable network has been compromised by another network through a flood attack. The simulation is implemented as three servers linked to a switch to create a LAN for the sales department. To make the attack possible, the network firewall is deliberately misconfigured to allow FTP traffic to pass (Waliullah and Gan 2014). This introduces a weakness or vulnerability in the target network which can then be exploited by sending FTP traffic (Bhattacharjee, Sengupta and Chatterjee 2013, p. 1389; Archambeault 2008, pp. 1-12).
In order to provide a simulation close to the real world, a miniature internet is created to which the other networks in the organization are connected. The hackers send a flood of traffic and file access requests to the FTP server. The database server is inaccessible during this period. A graphical representation of how the FTP server is bombarded with packets is given in figure 1.0. During the attack, genuine users of the system are not able to access any services, leading to a denial of service.
Implementation
In order to implement the simulation, the following components were required.
Three servers:
• Database Server
• Web Server
• FTP Server (file transfer and file printing)
One switch:
• Switch (used to connect the three servers together)
Three routers:
• LAN Router (sends packets from the sales department to the servers)
• Router MAN B (sends packets from the botnet to the LAN)
• Router MAN A (sends packets from the hacker engineers to the LAN)
One firewall:
• The firewall is deliberately misconfigured to allow FTP traffic
Three LANs:
• Botnet: shows a hijacked botnet sending FTP packets to the FTP server
• Sales: LAN representing 30 users of the sales and marketing department. The employees use the hosts for file printing, web browsing and database access.
• Engineers: represents 10 employees in the engineering department who use computers mainly for file transfer, printing and web browsing.
One internet cloud:
• Shows a wide area network.
Chapter 3: Findings
The simulation shows a botnet used to attack a company local area network's FTP server. This is done by sending a flood of packets to the FTP server, thus denying users access to the server. In the simulation, one hundred hosts are used to send TCP and UDP packets at very short intervals. From the diagram, the botnet attack occurs after five hundred seconds. The affected network shows the impact of the DDoS when the engineers try to access files on the FTP server. It can be seen that access is generally slowed due to the attack. If an organization has not invested in trained employees who can readily detect the problem, the attackers can mine customer and employee data for use in unscrupulous activities. These findings are presented in the form of diagrams produced after the simulation was conducted. A solution to such attacks is putting in place preventive mechanisms that provide an early alert when the systems are tampered with.
The simulation provides useful information for understanding a DDoS attack. However, it is important to note that attack techniques cannot be fully captured in one simulation model. As a result, a better network traffic and attack model is necessary to bring the model closer to a real world scenario. Importantly, the simulation findings were as planned, and they provide an opportunity to learn how hackers launch attacks on a company, crippling operations until the problem has been resolved.
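As an added illustration, not part of the original exercise or its simulation tool, the following Python model reproduces the scenario above (a 100-host botnet flooding the FTP server from second 500 while the 10 engineering hosts keep working) and applies the kind of early-alert rule the findings recommend. The server service rate, queue size, per-host packet rates and detector thresholds are assumed values chosen for the example; the 100 bots and the 500-second attack start come from the report.

```python
import random
from collections import deque

# Scenario parameters. Values marked (assumed) are constructed for this example;
# the others are taken from the report text.
SERVER_RATE = 200        # FTP requests the server can complete per second (assumed)
QUEUE_LIMIT = 1000       # pending requests the server holds before dropping (assumed)
LEGIT_RATE = 20          # requests per second from the 10 engineering hosts (assumed)
BOT_HOSTS = 100          # hosts in the botnet (from the report)
BOT_RATE = 10            # flood packets per second per bot host (assumed)
ATTACK_START = 500       # flood begins after 500 seconds (from the report)

def simulate(duration=1000, seed=1):
    """Per-second queue model of the FTP server under a flood.

    Returns one dict per simulated second: inbound packets/s, how many
    legitimate (engineer) requests were dropped, and the queueing delay a
    legitimate request sees, i.e. seconds of backlog ahead of it.
    """
    rng = random.Random(seed)
    backlog = deque()
    samples = []
    for t in range(duration):
        bots = BOT_HOSTS * BOT_RATE if t >= ATTACK_START else 0
        arrivals = ["legit"] * LEGIT_RATE + ["bot"] * bots
        rng.shuffle(arrivals)            # bot and engineer packets interleave on the wire
        dropped = 0
        for pkt in arrivals:
            if len(backlog) < QUEUE_LIMIT:
                backlog.append(pkt)
            elif pkt == "legit":
                dropped += 1             # engineer request lost to a full queue
        delay = len(backlog) / SERVER_RATE
        for _ in range(min(SERVER_RATE, len(backlog))):
            backlog.popleft()            # server works off part of the backlog
        samples.append({"t": t, "pps": len(arrivals),
                        "legit_dropped": dropped, "delay_s": delay})
    return samples

def detect_flood(samples, warmup=60, factor=5.0, sustain=3):
    """Early-alert rule: learn a baseline packet rate during the warm-up window,
    then alert once the rate exceeds factor x baseline for `sustain` seconds in a row."""
    baseline = sum(s["pps"] for s in samples[:warmup]) / warmup
    run = 0
    for s in samples[warmup:]:
        run = run + 1 if s["pps"] > factor * baseline else 0
        if run == sustain:
            return s["t"]                # second at which the alert fires
    return None                          # no flood observed
```

Before the attack the backlog drains every second and no engineer request is lost; once the flood starts the queue saturates and each legitimate request either waits the full backlog or is dropped, which is the slowed access the findings describe.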
Conclusion
While simulations are effective in helping organizations and individuals understand certain situations and scenarios related to the security of communications, they have some limitations. The limiting factors of this simulation include the following: the model of the attack is not verified and validated, and the impact could be different for a buffer overflow, a worm or a virus; the simulation has also been limited by the lack of verified and validated internet traffic. In this paper, a description of a computer simulation of an information systems security vulnerability has been provided. It first gives an introduction to simulation, followed by the methodology and implementation. Finally, a summarized discussion of the findings is provided. This assignment provided an opportunity to apply some of the skills learnt in the coursework on how to simulate. The exercise provided a practical opportunity to gain more knowledge in this particular area of study.
References
Alghazzawi, D., Hamid Hasan, S. and SalimTrigui, M. (2014). Information Systems Threats and Vulnerabilities. International Journal of Computer Applications, 89(3), pp. 25-29.
Archambeault, B. (2008). Introduction to the limitations of modeling/simulation techniques. In: IEEE International Symposium on Electromagnetic Compatibility (EMC 2008), pp. 1-12. IEEE.
Bhattacharjee, S., Sengupta, S. and Chatterjee, M. (2013). Vulnerabilities in cognitive radio networks: A survey. Computer Communications, 36(13), pp. 1387-1398.
Chen, C.H. and Howard, B.C. (2010). Effect of live simulation on middle school students’ attitudes and learning toward science. Educational Technology & Society, 13(1), pp. 133-139.
Ingrassia, P.L., Ragazzoni, L., Carenzo, L., Colombo, D., Gallardo, A.R. and Della Corte, F. (2015). Virtual reality and live simulation: a comparison between two simulation tools for assessing mass casualty triage skills. European Journal of Emergency Medicine, 22(2), pp. 121-127.
Kaul, P. and Sharma, D. (2013). Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures. International Journal of Computer Applications, 67(7), pp. 13-16.
Kuzmanovic, A. and Knightly, E. (2007). Receiver-centric congestion control with a misbehaving receiver: Vulnerabilities and end-point solutions. Computer Networks, 51(10), pp. 2717-2737.
Sheetlani, D. (2017). The Vulnerabilities of Cloud Computing: Security Threats. IOSR Journal of Computer Engineering, 19(2), pp. 36-43.
Sherouse, G.W., Mosher, C.E., Novins, K., Rosenman, J. and Chaney, E.L. (1987). Virtual simulation: concept and implementation. In: Ninth International Conference on the Use of Computers in Radiation Therapy, pp. 433-436. North-Holland Publishing Co.
Waliullah, M. and Gan, D. (2014). Wireless LAN Security Threats & Vulnerabilities. International Journal of Advanced Computer Science and Applications, 5(1).