Even well-administered networks are vulnerable to attack. Recent work in network security has focused on the fact that combinations of exploits are the typical means by which an attacker breaks into a network. Researchers have proposed a variety of graph-based algorithms to generate attack trees (or graphs). Either structure represents all possible sequences of exploits, where any given exploit can take advantage of the penetration achieved by prior exploits in its chain, and the final exploit in the chain achieves the attacker's goal. The most recent approach in this line of work uses a modified version of the model checker NuSMV as a powerful inference engine for chaining together network exploits, compactly representing attack graphs, and identifying minimal sets of exploits. However, it is also well known that model checkers suffer from scalability problems, and there is good reason to doubt whether a model checker can handle directly a realistic set of exploits for even a modest-sized network. In this paper, we revisit the idea of attack graphs themselves, and argue that they represent more information explicitly than is necessary for the analyst. Instead, we propose a more compact and scalable representation. Although we show that it is possible to produce attack trees from our representation, we argue that more useful information can be produced, for larger networks, while bypassing the attack tree step. Our approach relies on an explicit assumption of monotonicity, which, in essence, states that the precondition of a given exploit is never invalidated by the successful application of another exploit. In other words, the attacker never needs to backtrack. The assumption reduces the complexity of the analysis problem from exponential to polynomial, thereby bringing even very large networks within reach of analysis.
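As an added illustration of the monotonicity argument in the abstract (not code from the paper or its authors), the Python sketch below computes goal reachability by a fixed-point pass in which each exploit fires at most once, then asks which single exploits a defender must remove to cut off the goal. The `Exploit` model, the attribute names and the sample network are constructed assumptions.

```python
from typing import NamedTuple

class Exploit(NamedTuple):
    name: str
    pre: frozenset   # attributes required before the exploit can fire
    post: frozenset  # attributes gained once it fires

def forward_closure(initial, exploits):
    """Fire every exploit whose preconditions hold until nothing changes.

    Under monotonicity an attribute, once gained, is never lost, so each
    exploit fires at most once: O(|exploits|^2) set checks, no path listing.
    Returns (attributes held, {exploit name: round in which it fired}).
    """
    attrs, fired, rnd = set(initial), {}, 0
    while True:
        rnd += 1
        ready = [e for e in exploits if e.name not in fired and e.pre <= attrs]
        if not ready:
            return attrs, fired
        for e in ready:
            fired[e.name] = rnd
            attrs |= e.post

def goal_reachable(initial, exploits, goal, patched=()):
    """Defender's question: is the goal still reachable after patching?"""
    remaining = [e for e in exploits if e.name not in patched]
    return goal in forward_closure(initial, remaining)[0]

def critical_exploits(initial, exploits, goal):
    """Exploits whose individual removal makes the goal unreachable."""
    return sorted(e.name for e in exploits
                  if not goal_reachable(initial, exploits, goal, {e.name}))

# Constructed sample network (hypothetical hosts and attribute names).
INITIAL = {"user@attacker", "net:attacker->web"}
EXPLOITS = [
    Exploit("web_rce", frozenset({"user@attacker", "net:attacker->web"}), frozenset({"user@web"})),
    Exploit("web_privesc", frozenset({"user@web"}), frozenset({"root@web"})),
    Exploit("db_trust", frozenset({"root@web"}), frozenset({"user@db"})),
    Exploit("db_sqli", frozenset({"user@web"}), frozenset({"user@db"})),
    Exploit("db_privesc", frozenset({"user@db"}), frozenset({"root@db"})),
]
```

The two routes to `user@db` are redundant, so neither `db_trust` nor `db_sqli` is critical on its own; only patching both, or one of the exploits every chain passes through, removes the goal.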