Models and tools for quantitative assessment of operational security
Information systems security
A graph-based system for network-vulnerability analysis
Proceedings of the 1998 workshop on New security paradigms
Alternating-time temporal logic
Journal of the ACM (JACM)
Model-based analysis of configuration vulnerabilities
Journal of Computer Security
Two Formal Analys s of Attack Graphs
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Using Model Checking to Analyze Network Vulnerabilities
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Game-Based Analysis of Denial-of-Service Prevention Protocols
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
NetKuang: a multi-host configuration vulnerability checker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
NetQi: A Model Checker for Anticipation Game
ATVA '08 Proceedings of the 6th International Symposium on Automated Technology for Verification and Analysis
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
A logical framework for evaluating network resilience against faults and attacks
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Using strategy objectives for network security analysis
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Timed alternating-time temporal logic
FORMATS'06 Proceedings of the 4th international conference on Formal Modeling and Analysis of Timed Systems
| Hi-index | 0.00 |
Over the last few years, attack graphs have became a well recognized tool to analyze and model complex network attack. The most advanced evolution of attack graphs, called anticipation games, is based on game theory. However even if anticipation games allow to model time, collateral effects and player interactions with the network, there is still key aspects of the network security that cannot be modeled in this framework. Theses aspects are network cooperation to fight unknown attack, the cost of attack based on its duration and the introduction of new attack over the time. In this paper we address these needs, by introducing a three-fold extension to anticipation games. We prove that this extension does not change the complexity of the framework. We illustrate the usefulness of this extension by presenting how it can be used to find a defense strategy against 0 days that use an honey net. Finally, we have implemented this extension into a prototype, to show that it can be used to analyze large networks security.