Attack graph generation and analysis
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Fast model-based penetration testing
WSC '04 Proceedings of the 36th conference on Winter simulation
A model of the behavior of network objects in distributed computer systems
Programming and Computing Software
Simulating adversarial interactions between intruders and system administrators using OODA-RR
Proceedings of the 2007 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
A Simple, Smart and Extensible Framework for Network Security Measurement
Information Security and Cryptology
Identifying Critical Attack Assets in Dependency Attack Graphs
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Formal Technique for Discovering Complex Attacks in Computer Systems
Proceedings of the 2007 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the sixth SoMeT_07
SAFECOMP '09 Proceedings of the 28th International Conference on Computer Safety, Reliability, and Security
Adversary-driven state-based system security evaluation
Proceedings of the 6th International Workshop on Security Measurements and Metrics
EVA: a framework for network analysis and risk assessment
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Event-driven architecture based on patterns for detecting complex attacks
International Journal of Critical Computer-Based Systems
Remodeling vulnerability information
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
An ACO based approach for detection of an optimal attack path in a dynamic environment
ICDCN'10 Proceedings of the 11th international conference on Distributed computing and networking
Appraisal and reporting of security assurance at operational systems level
Journal of Systems and Software
Refining abstractions of hybrid systems using counterexample fragments
HSCC'05 Proceedings of the 8th international conference on Hybrid Systems: computation and control
A planner-based approach to generate and analyze minimal attack graph
Applied Intelligence
Taxonomy of quality metrics for assessing assurance of security correctness
Software Quality Control
Reconciliation engine and metric for network vulnerability assessment
Proceedings of the First International Conference on Security of Internet of Things
A methodology and supporting techniques for the quantitative assessment of insider threats
Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing
A model for quantitative security measurement and prioritisation of vulnerability mitigation
International Journal of Security and Networks
CloRExPa: Cloud resilience via execution path analysis
Future Generation Computer Systems
Aggregating vulnerability metrics in enterprise networks using attack graphs
Journal of Computer Security
Hi-index | 0.00 |
We develop formal techniques that give users flexibility in examining design errors discovered by automated analysis. We build our results using the model checking approach to verification. The two inputs to a model checker are a finite system model and a formal correctness property specifying acceptable behaviors. The correctness property induces a bipartition on the set of behaviors of the model: correct behaviors, which satisfy the property, and faulty behaviors, which violate the property. Traditional model checkers give users a single counterexample, chosen from the set of faulty behaviors. Giving the user access to the entire set, however, lets him have more control over the design refinement process. The focus of our work is on ways of generating, presenting, and analyzing faulty behavior sets. We present our results in two parts. In Part I we introduce concepts that let us define faulty behavior sets as failure scenario graphs . We then describe algorithms for generating scenario graphs. The algorithms use model checking techniques to produce faulty behavior sets that are sound and complete. In Part II we apply our formal concepts to the security domain. Building on the foundation established in Part I, we define and analyze attack graphs, an application of scenario graphs to represent ways in which intruders attack computer networks. This application of formal analysis contributes to techniques and tools for strengthening network security.