Defense in depth is a common strategy that uses layers of firewalls to protect Supervisory Control and Data Acquisition (SCADA) subnets and other critical resources on enterprise networks. A tool named NetSPA is presented that analyzes firewall rules and vulnerabilities to construct attack graphs. These show how inside and outside attackers can progress by successively compromising exposed vulnerable hosts with the goal of reaching critical internal targets. NetSPA generates attack graphs and automatically analyzes them to produce a small set of prioritized recommendations to restore defense in depth. Field trials on networks with up to 3,400 hosts demonstrate that firewalls often do not provide defense in depth due to misconfigurations and critical unpatched vulnerabilities on hosts. In all cases, a small number of recommendations was provided to restore defense in depth. Simulations on networks with up to 50,000 hosts demonstrate that this approach scales well to enterprise-size networks.