Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Model-based analysis of configuration vulnerabilities
Journal of Computer Security
LAMBDA: A Language to Model a Database for Detection of Attacks
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Proceedings of the 2003 ACM workshop on Rapid malcode
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
NOOSE - Networked Object-Oriented Security Examiner
LISA '00 Proceedings of the 14th USENIX conference on System administration
Minimum-cost network hardening using attack graphs
Computer Communications
MulVAL: a logic-based network security analyzer
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Toward measuring network security using attack graphs
Proceedings of the 2007 ACM workshop on Quality of protection
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
An OVAL-based active vulnerability assessment system for enterprise computer networks
Information Systems Frontiers
An Attack Graph-Based Probabilistic Security Metric
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs
Journal of Network and Systems Management
Extending Anticipation Games with Location, Penalty and Timeline
Formal Aspects in Security and Trust
Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts
Computer Communications
Evaluating MAPSec by marking attack graphs
Wireless Networks
Measuring the overall security of network configurations using attack graphs
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Computers and Electrical Engineering
Interactive analysis of attack graphs using relational queries
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
An efficient and unified approach to correlating, hypothesizing, and predicting intrusion alerts
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Network vulnerability analysis through vulnerability take-grant model (VTG)
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Optimal interdiction of attack plans
Proceedings of the 2013 international conference on Autonomous agents and multi-agent systems
| Hi-index | 0.00 |
NetKuang is an extension to Baldwin's SU-Kuang. It runs on networks of computers using Unix and can find vulnerabilities created by poor system configuration. Vulnerabilities are discovered using a backwards goal-based search that is breadth-first on individual hosts and parallel when multiple hosts are checked. An implementation in C++ found real vulnerabilities on production systems. Tests show reasonably fast performance on a Lan.