Evaluating Network Security With Two-Layer Attack Graphs

Xie, Anming; Cai, Zhipeng; Tang, Cong; Hu, Jianbin; Chen, Zhong

doi:10.1109/acsac.2009.22

Cited by 26 publications

(21 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This assumption helped to derive a graph containing all required information about dependency relationships among vulnerabilities [11]. Third, [12] has overcome a scalability problem by constructing a two-layer attack graphs, which in sense have reduced computation cost and simplified the graph itself. The monotonicity assumption is also applied to generate the graph.…”

Section: Preliminaries a A Notion Of An Attack Graphmentioning

confidence: 99%

“…An attack sequence is described as a single path in the graph and the dependencies between the paths are the relations between the vulnerabilities. As a result, attack graphs can provide meaningful and quantitative conclusions in analysing network security [12]. Commonly an attack graph can be represented with exploits and conditions [3].…”

Section: Preliminaries a A Notion Of An Attack Graphmentioning

confidence: 99%

“…This case is handled by the insertion of dummy conditions to capture the conjunctive relationship [3]. A new approach of two-layer attack graphs has provided an advantage of vividly analysing graphs, finding dangerous hosts inside a network and process several targets at the same time [12]. The generation model consists of host-pair attack (Figure 1(b)) and hosts access graphs (Figure 1(b)).…”

Section: Definition 1 Given a Set Of Exploits E A Set Of Conditions mentioning

confidence: 99%

See 2 more Smart Citations

An Analytical Evaluation of Network Security Modelling Techniques Applied to Manage Threats

Viduto

Maple

Huang

2010

2010 International Conference on Broadband, Wireless Computing, Communication and Applications

View full text Add to dashboard Cite

Abstract-The current ubiquity of information coupled with the reliance on such data by businesses, has led to a great deal of resources being deployed to ensure the security of this information. Threats can come from a number of sources and the dangers from those insiders closest to the source have increased significantly recently. This paper focuses on techniques used to identify and manage threats as well as the measures that every organisation should consider to put into action. A novel game-based onion skin model has been proposed, combining techniques used in theory-based and hardware-based hardening strategies.

show abstract

Section: Preliminaries a A Notion Of An Attack Graphmentioning

confidence: 99%

Section: Preliminaries a A Notion Of An Attack Graphmentioning

confidence: 99%

Section: Definition 1 Given a Set Of Exploits E A Set Of Conditions mentioning

confidence: 99%

See 1 more Smart Citation

An Analytical Evaluation of Network Security Modelling Techniques Applied to Manage Threats

Viduto

Maple

Huang

2010

2010 International Conference on Broadband, Wireless Computing, Communication and Applications

View full text Add to dashboard Cite

show abstract

“…On the other hand, most of the attack graphs are designed for a single target, and cannot be used to evaluate the overall security of the networks with several targets. To address these striking problems Anming Xie, Zhuhua Cai, Cong Tang, Jianbin Hu, and Zhong Chen [11] developed a novel approach to generate and describe the attack graph. They developed a two layer attack graph, where the upper layer is a host access graph and the lower layer is composed of some host pair attack graphs.…”

Section: Attack Graphsmentioning

confidence: 99%

Cybersecurity: A Stochastic Predictive Model to Determine Overall Network Security Risk Using Markovian Process

Pokhrel¹,

Tsokos²

2017

JIS

View full text Add to dashboard Cite

There are several security metrics developed to protect the computer networks. In general, common security metrics focus on qualitative and subjective aspects of networks lacking formal statistical models. In the present study, we propose a stochastic model to quantify the risk associated with the overall network using Markovian process in conjunction with Common Vulnerability Scoring System (CVSS) framework. The model we developed uses host access graph to represent the network environment. Utilizing the developed model, one can filter the large amount of information available by making a priority list of vulnerable nodes existing in the network. Once a priority list is prepared, network administrators can make software patch decisions. Gaining in depth understanding of the risk and priority level of each host helps individuals to implement decisions like deployment of security products and to design network topologies.

show abstract

“…Attack graph reasoning utilizes reverse engineering techniques used by the investigators for scrutinizing computer attacks in hierarchical way (Anming, Zhuhua, Cong, Jianbin, & Zhong, 2009). This methodology is the main part of the evidence process phase in network forensics.…”

Section: Network Attack Graphsmentioning

confidence: 99%

Attack Graph Analysis for Network Anti-Forensics

Chandran

Yan

2014

International Journal of Digital Crime and Forensics

View full text Add to dashboard Cite

The development of technology in computer networks has boosted the percentage of cyber-attacks today. Hackers are now able to penetrate even the strongest IDS and firewalls. With the help of anti-forensic techniques, attackers defend themselves, from being tracked by destroying and distorting evidences. To detect and prevent network attacks, the main modus of operandi in network forensics is the successful implementation and analysis of attack graph from gathered evidences. This paper conveys the main concepts of attack graphs, requirements for modeling and implementation of graphs. It also contributes the aspect of incorporation of anti-forensic techniques in attack graph which will help in analysis of the diverse possibilities of attack path deviations and thus aids in recommendation of various defense strategies for better security. To the best of our knowledge, this is the first time network anti-forensics has been fully discussed and the attack graphs are employed to analyze the network attacks. The experimental analysis of anti-forensic techniques using attack graphs were conducted in the proposed test-bed which helped to evaluate the model proposed and suggests preventive measures for the improvement of security of the networks.

show abstract

Evaluating Network Security With Two-Layer Attack Graphs

Cited by 26 publications

References 22 publications

An Analytical Evaluation of Network Security Modelling Techniques Applied to Manage Threats

An Analytical Evaluation of Network Security Modelling Techniques Applied to Manage Threats

Cybersecurity: A Stochastic Predictive Model to Determine Overall Network Security Risk Using Markovian Process

Attack Graph Analysis for Network Anti-Forensics

Contact Info

Product

Resources

About