Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Constructing attack scenarios through correlation of intrusion alerts
Proceedings of the 9th ACM conference on Computer and communications security
From symptom to cause: localizing errors in counterexample traces
POPL '03 Proceedings of the 30th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Intrusion Detection with Support Vector Machines and Generative Models
ISC '02 Proceedings of the 5th International Conference on Information Security
Two Formal Analyses of Attack Graphs
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Learning attack strategies from intrusion alerts
Proceedings of the 10th ACM conference on Computer and communications security
Proceedings of the 2003 ACM workshop on Rapid malcode
A Systematic Approach to Multi-Stage Network Attack Analysis
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Techniques and tools for analyzing intrusion alerts
ACM Transactions on Information and System Security (TISSEC)
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
Attack scenario graphs for computer network threat analysis and prediction
Complexity - Special issue: Resilient and adaptive defense of computing networks
Model-Based Evaluation: From Dependability to Security
IEEE Transactions on Dependable and Secure Computing
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Hypothesizing and reasoning about attacks missed by intrusion detection systems
ACM Transactions on Information and System Security (TISSEC)
Documentation Driven Development for Complex Real-Time Systems
IEEE Transactions on Software Engineering
Modeling and Simulation in Security Evaluation
IEEE Security and Privacy
Attack graph generation and analysis
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
A formal approach to sensor placement and configuration in a network intrusion detection system
Proceedings of the 2006 international workshop on Software engineering for secure systems
Fast model-based penetration testing
WSC '04 Proceedings of the 36th conference on Winter simulation
Simulation of imperfect information in vulnerability modeling for infrastructure facilities
WSC '05 Proceedings of the 37th conference on Winter simulation
Generating Graphs for Visual Analytics through Interactive Sketching
IEEE Transactions on Visualization and Computer Graphics
A weakest-adversary security metric for network configuration security analysis
Proceedings of the 2nd ACM workshop on Quality of protection
Framework for malware resistance metrics
Proceedings of the 2nd ACM workshop on Quality of protection
A framework for establishing, assessing, and managing trust in inter-organizational relationships
Proceedings of the 3rd ACM workshop on Secure web services
A scalable approach to attack graph generation
Proceedings of the 13th ACM conference on Computer and communications security
Modeling network intrusion detection alerts for correlation
ACM Transactions on Information and System Security (TISSEC)
Minimum-cost network hardening using attack graphs
Computer Communications
Formal analysis of PIN block attacks
Theoretical Computer Science - Automated reasoning for security protocol analysis
MulVAL: a logic-based network security analyzer
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Toward measuring network security using attack graphs
Proceedings of the 2007 ACM workshop on Quality of protection
Optimal security hardening using multi-objective optimization on attack tree models of networks
Proceedings of the 14th ACM conference on Computer and communications security
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
International Journal of Information and Computer Security
A model-based semi-quantitative approach for evaluating security of enterprise networks
Proceedings of the 2008 ACM symposium on Applied computing
Implementing interactive analysis of attack graphs using relational databases
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
A Graph Based Approach Toward Network Forensics Analysis
ACM Transactions on Information and System Security (TISSEC)
Risk assessment in practice: A real case study
Computer Communications
An OVAL-based active vulnerability assessment system for enterprise computer networks
Information Systems Frontiers
An Adversary Aware and Intrusion Detection Aware Attack Model Ranking Scheme
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Discovering Novel Multistage Attack Strategies
ADMA '07 Proceedings of the 3rd international conference on Advanced Data Mining and Applications
An Attack Graph-Based Probabilistic Security Metric
Proceedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
An Opinion Model for Evaluating Malicious Activities in Pervasive Computing Systems
Proceedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
A Graph-Theoretic Visualization Approach to Network Risk Analysis
VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
Improving Attack Graph Visualization through Data Reduction and Attack Grouping
VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
Extending logical attack graphs for efficient vulnerability analysis
Proceedings of the 15th ACM conference on Computer and communications security
Measuring network security using dynamic bayesian network
Proceedings of the 4th ACM workshop on Quality of protection
Strata-Gem: risk assessment through mission modeling
Proceedings of the 4th ACM workshop on Quality of protection
Asynchronous policy evaluation and enforcement
Proceedings of the 2nd ACM workshop on Computer security architectures
Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs
Journal of Network and Systems Management
Towards more secure systems: how to combine expert evaluations
Proceedings of the 4th international conference on Security and privacy in communication networks
Identifying Critical Attack Assets in Dependency Attack Graphs
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
NetQi: A Model Checker for Anticipation Game
ATVA '08 Proceedings of the 6th International Symposium on Automated Technology for Verification and Analysis
Journal of Network and Computer Applications
A Scalable Approach to Full Attack Graphs Generation
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Ranking Attack Graphs with Graph Neural Networks
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Extending Anticipation Games with Location, Penalty and Timeline
Formal Aspects in Security and Trust
Approximation and Hardness Results for Label Cut and Related Problems
TAMC '09 Proceedings of the 6th Annual Conference on Theory and Applications of Models of Computation
Maximizing network security given a limited budget
The Fifth Richard Tapia Celebration of Diversity in Computing Conference: Intellect, Initiatives, Insight, and Innovations
Formal Technique for Discovering Complex Attacks in Computer Systems
Proceedings of the 2007 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the sixth SoMeT_07
An intelligent search technique for network security administration
International Journal of Artificial Intelligence and Soft Computing
A Deployment Value Model for Intrusion Detection Sensors
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Towards Unifying Vulnerability Information for Attack Graph Construction
ISC '09 Proceedings of the 12th International Conference on Information Security
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts
Computer Communications
Towards Modelling Information Security with Key-Challenge Petri Nets
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Runtime Monitoring and Dynamic Reconfiguration for Intrusion Detection Systems
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
COMSNETS'09 Proceedings of the First international conference on COMmunication Systems And NETworks
Data mining and machine learning-Towards reducing false positives in intrusion detection
Information Security Tech. Report
Quantified security is a weak hypothesis: a critical survey of results and assumptions
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
International Journal of Security and Networks
Evaluating MAPSec by marking attack graphs
Wireless Networks
A stochastic model for intrusions
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Measuring the overall security of network configurations using attack graphs
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Processing multi-parameter attacktrees with estimated parameter values
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Application of the pagerank algorithm to alarm graphs
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Towards analyzing complex operating system access control configurations
Proceedings of the 15th ACM symposium on Access control models and technologies
A framework for security quantification of networked machines
COMSNETS'10 Proceedings of the 2nd international conference on COMmunication systems and NETworks
Computers and Electrical Engineering
Proposing a multi-touch interface for intrusion detection environments
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
Adversary-driven state-based system security evaluation
Proceedings of the 6th International Workshop on Security Measurements and Metrics
Cyber security quantification model
Proceedings of the 3rd international conference on Security of information and networks
Pushing boulders uphill: the difficulty of network intrusion recovery
LISA'09 Proceedings of the 23rd conference on Large installation system administration
EVA: a framework for network analysis and risk assessment
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Security audits of multi-tier virtual infrastructures in public infrastructure clouds
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Event-driven architecture based on patterns for detecting complex attacks
International Journal of Critical Computer-Based Systems
Attack and defense modeling with BDMP
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
k-zero day safety: measuring the security risk of networks against unknown attacks
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
A service dependency model for cost-sensitive intrusion response
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
State space approach to security quantification
COMPSAC-W'05 Proceedings of the 29th annual international conference on Computer software and applications conference
CANVuS: context-aware network vulnerability scanning
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Using attack and protection trees to analyze threats and defenses to homeland security
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Validating and restoring defense in depth using attack graphs
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Modeling and analyzing faults to improve election process robustness
EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections
Baaz: a system for detecting access control misconfigurations
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Optimal response to attacks on the open science grid
Computer Networks: The International Journal of Computer and Telecommunications Networking
Approximation and hardness results for label cut and related problems
Journal of Combinatorial Optimization
Analyzing the security in the GSM radio network using attack jungles
ISoLA'10 Proceedings of the 4th international conference on Leveraging applications of formal methods, verification, and validation - Volume Part I
Using strategy objectives for network security analysis
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Foundations of attack-defense trees
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
A simulation-driven approach for assessing risks of complex systems
EWDC '11 Proceedings of the 13th European Workshop on Dependable Computing
Journal of Network and Systems Management
A new alert correlation algorithm based on attack graph
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
Effective network vulnerability assessment through model abstraction
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
An empirical study on using the national vulnerability database to predict software vulnerabilities
DEXA'11 Proceedings of the 22nd international conference on Database and expert systems applications - Volume Part I
Model-based qualitative risk assessment for availability of IT infrastructures
Software and Systems Modeling (SoSyM)
An algorithm to find optimal attack paths in nondeterministic scenarios
Proceedings of the 4th ACM workshop on Security and artificial intelligence
Distilling critical attack graph surface iteratively through minimum-cost SAT solving
Proceedings of the 27th Annual Computer Security Applications Conference
Assessing the risk of an information infrastructure through security dependencies
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Modelling and analysing network security policies in a given vulnerability setting
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Interactive analysis of attack graphs using relational queries
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Message confidentiality testing of security protocols: passive monitoring and active checking
TestCom'06 Proceedings of the 18th IFIP TC6/WG6.1 international conference on Testing of Communicating Systems
Bringing the user back into control: a new paradigm for usability in highly dynamic systems
TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
On synthesizing distributed firewall configurations considering risk, usability and cost constraints
Proceedings of the 7th International Conference on Network and Services Management
Risk management using behavior based bayesian networks
ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
Effective discovery of intrusion protection strategies
AIS-ADM 2005 Proceedings of the 2005 international conference on Autonomous Intelligent Systems: agents and Data Mining
Rule-based topological vulnerability analysis
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Developing an insider threat model using functional decomposition
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Using attack trees to identify malicious attacks from authorized insiders
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
An efficient and unified approach to correlating, hypothesizing, and predicting intrusion alerts
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
A planner-based approach to generate and analyze minimal attack graph
Applied Intelligence
Network vulnerability analysis through vulnerability take-grant model (VTG)
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Attack graph based evaluation of network security
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Janus: a two-sided analytical model for multi-stage coordinated attacks
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Assessing security risk to a network using a statistical model of attacker community competence
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Indices of power in optimal IDS default configuration: theory and examples
GameSec'11 Proceedings of the Second international conference on Decision and Game Theory for Security
Formally modeling the electricity grid with bigraphs
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Toward hybrid attack dependency graphs
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
A new agent based security framework for collaborative cloud environment
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
A dynamic game-theoretic approach to resilient control system design for cascading failures
Proceedings of the 1st international conference on High Confidence Networked Systems
Active graph reachability reduction for network security and software engineering
IJCAI'11 Proceedings of the Twenty-Second international joint conference on Artificial Intelligence - Volume Two
An alert correlation platform for memory-supported techniques
Concurrency and Computation: Practice & Experience
Intrusion Detection: Towards scalable intrusion detection
Network Security
A systematic process-model-based approach for synthesizing attacks and evaluating them
EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
Specification and validation of enterprise information security policies
Proceedings of the CUBE International Information Technology Conference
The method of optimizing the automatic vulnerability validation
Proceedings of the Fifth International Conference on Security of Information and Networks
Quantitative security evaluation of a multi-biometric authentication system
SAFECOMP'12 Proceedings of the 2012 international conference on Computer Safety, Reliability, and Security
Transforming commodity security policies to enforce Clark-Wilson integrity
Proceedings of the 28th Annual Computer Security Applications Conference
Detecting and preventing activex API-Misuse vulnerabilities in internet explorer
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
Accepting the inevitable: factoring the user into home computer security
Proceedings of the third ACM conference on Data and application security and privacy
Using security policies to automate placement of network intrusion prevention
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Identifying a preferred countermeasure strategy for attack graphs
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
Towards modelling adaptive attacker's behaviour
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Optimal interdiction of attack plans
Proceedings of the 2013 international conference on Autonomous agents and multi-agent systems
Reconciliation engine and metric for network vulnerability assessment
Proceedings of the First International Conference on Security of Internet of Things
Go with the flow: toward workflow-oriented security assessment
Proceedings of the 2013 workshop on New security paradigms workshop
Aggregating vulnerability metrics in enterprise networks using attack graphs
Journal of Computer Security
An integral part of modeling the global view of network security is constructing attack graphs. In practice, attack graphs are produced manually by Red Teams. Construction by hand, however, is tedious, error-prone, and impractical for attack graphs larger than a hundred nodes. In this paper we present an automated technique for generating and analyzing attack graphs. We base our technique on symbolic model checking algorithms, letting us construct attack graphs automatically and efficiently. We also describe two analyses to help decide which attacks would be most cost-effective to guard against. We implemented our technique in a tool suite and tested it on a small network example, which includes models of a firewall and an intrusion detection system.