Attack graph based evaluation of network security

Authors:
Igor Kotenko;Mikhail Stepashkin
Affiliations:
SPIIRAS, St.-Petersburg, Russia;SPIIRAS, St.-Petersburg, Russia
Venue:
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Year:
2006

Citing 10
Cited 6

Managing Information Security Risks: The Octave Approach

Managing Information Security Risks: The Octave Approach
Automated Generation and Analysis of Attack Graphs

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Using Model Checking to Analyze Network Vulnerabilities

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Risk Management using Behavior based Attack Graphs

ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
Techniques and tools for analyzing intrusion alerts

ACM Transactions on Information and System Security (TISSEC)
Understanding Complex Network Attack Graphs through Clustered Adjacency Matrices

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Fast model-based penetration testing

WSC '04 Proceedings of the 36th conference on Winter simulation
MulVAL: a logic-based network security analyzer

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Impact Analysis of Faults and Attacks in Large-Scale Networks

IEEE Security and Privacy
A framework based approach for formal modeling and analysis of multi-level attacks in computer networks

FORTE'05 Proceedings of the 25th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems

Scalable attack graph for risk assessment

ICOIN'09 Proceedings of the 23rd international conference on Information Networking
Quantified security is a weak hypothesis: a critical survey of results and assumptions

NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Model for evaluation of SOA security metrics using attack graphs

International Journal of Critical Computer-Based Systems
Towards automatic creation of usable security configuration

INFOCOM'10 Proceedings of the 29th conference on Information communications
Are markets for vulnerabilities effective?

MIS Quarterly
A stochastic model of attack process for the evaluation of security metrics

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

The perspective directions in evaluating network security are simulating possible malefactor's actions, building the representation of these actions as attack graphs (trees, nets), the subsequent checking of various properties of these graphs, and determining security metrics which can explain possible ways to increase security level. The paper suggests a new approach to security evaluation based on comprehensive simulation of malefactor's actions, construction of attack graphs and computation of different security metrics. The approach is intended for using both at design and exploitation stages of computer networks. The implemented software system is described, and the examples of experiments for analysis of network security level are considered.