EVA: a framework for network analysis and risk assessment

Authors:
Melissa Danforth
Affiliations:
Department of Computer Science, California State University, Bakersfield, Bakersfield, CA
Venue:
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Year:
2009

Citing 12
Cited 0

A graph-based system for network-vulnerability analysis

Proceedings of the 1998 workshop on New security paradigms
A requires/provides model for computer attacks

Proceedings of the 2000 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis

Proceedings of the 9th ACM conference on Computer and communications security
Two Formal Analys s of Attack Graphs

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Automated Generation and Analysis of Attack Graphs

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Using Model Checking to Analyze Network Vulnerabilities

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs

ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Scenario graphs and attack graphs

Scenario graphs and attack graphs
Practical Attack Graph Generation for Network Defense

ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Models for threat assessment in networks

Models for threat assessment in networks
Optimal security hardening using multi-objective optimization on attack tree models of networks

Proceedings of the 14th ACM conference on Computer and communications security
Scalable Patch Management Using Evolutionary Analysis of Attack Graphs

ICMLA '08 Proceedings of the 2008 Seventh International Conference on Machine Learning and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

EVA is an attack graph tool that allows an administrator to assess and analyze a network in a variety of fashions. Unlike other attack graph tools which just focus on visualizing the network or recommending a set of patches to secure the network, EVA goes beyond these modes to fully explore the power of attack graphs for a multitude of administrative and security tasks. EVA can be used to derive a set of hardening measures for a network, to perform strategic analysis of a network, to design a more secure network architecture, to assist in forensic evaluations after a security event and to augment an intrusion detect system with information about the likely targets of an attack. This paper summarizes the framework used by EVA, provides real-world results of using EVA and shows how EVA is scalable to large networks.