A Simple, Smart and Extensible Framework for Network Security Measurement

  • Authors:
  • Feng Cheng;Christian Wolter;Christoph Meinel

  • Affiliations:
  • Hasso Plattner Institute (HPI), University of Potsdam, Potsdam, Germany 14482;Hasso Plattner Institute (HPI), University of Potsdam, Potsdam, Germany 14482 and SAP Research, Karlsruhe, Germany 76131;Hasso Plattner Institute (HPI), University of Potsdam, Potsdam, Germany 14482

  • Venue:
  • Information Security and Cryptology
  • Year:
  • 2007

Abstract

Several efficient tools have emerged that aim at auditing and measuring the security of a computer system or an internal network. Along with the increasing complexity of network attacks, these tools have become more and more complicated. Even so, most of them can only do simple snapshot analysis of the current system and are incapable of identifying possible attacks whose preconditions are not fulfilled at the beginning but which may become possible as the attack progresses. This paper proposes a new framework for security measurement that carries out complex attack sequences and does stateful inspection of the target environment. The framework consists of five core components: Information Gatherer, Knowledge Base, Interaction Agent, Evaluation Engine and User Interface. An easy-to-use tool, called SNAPP, is realized based on the proposed framework. The dependencies among the attack steps in an attack sequence revealed by SNAPP can be easily expressed using Attack Graphs, which assist in making security evaluations of the testing environment. Several experiments that actually simulate and perform some well-known penetration attacks using SNAPP are presented and analyzed for comparison and measurement of current security methods, such as the conventional filtering-based firewalls and our patented Lock-Keeper technology, which is an implementation of the high-level security concept "Physical Separation".