Success Likelihood of Ongoing Attacks for Intrusion Detection and Response Systems

Kanoun, Waël; Cuppens-Boulahia, Nora; Cuppens, Frédéric; Dubus, Samuel; Martin, Antony

doi:10.1109/cse.2009.233

Cited by 18 publications

(16 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Prior work in this area similarly represents attacks as developing progressively. It is thus commonly based on attack trees or graphs, Markov processes, state space models, Bayesian networks, etc., (31,(71)(72)(73) in which the central feature is that being in one state gives access to another.…”

Section: The Attack Affordance Graphmentioning

confidence: 99%

Analysis of Affordance, Time, and Adaptation in the Assessment of Industrial Control System Cybersecurity Risk

2017

View full text Add to dashboard Cite

Industrial control systems increasingly use standard communication protocols and are increasingly connected to public networks-creating substantial cybersecurity risks, especially when used in critical infrastructures such as electricity and water distribution systems. Methods of assessing risk in such systems have recognized for some time the way in which the strategies of potential adversaries and risk managers interact in defining the risk to which such systems are exposed. But it is also important to consider the adaptations of the systems' operators and other legitimate users to risk controls, adaptations that often appear to undermine these controls, or shift the risk from one part of a system to another. Unlike the case with adversarial risk analysis, the adaptations of system users are typically orthogonal to the objective of minimizing or maximizing risk in the system. We argue that this need to analyze potential adaptations to risk controls is true for risk problems more generally, and we develop a framework for incorporating such adaptations into an assessment process. The method is based on the principle of affordances, and we show how this can be incorporated in an iterative procedure based on raising the minimum period of risk materialization above some threshold. We apply the method in a case study of a small European utility provider and discuss the observations arising from this.

show abstract

Section: The Attack Affordance Graphmentioning

confidence: 99%

Analysis of Affordance, Time, and Adaptation in the Assessment of Industrial Control System Cybersecurity Risk

2017

View full text Add to dashboard Cite

show abstract

“…The semi-explicit correlation type generalizes the explicit method by introducing preconditions and postconditions for each step in the attack graph, instead of focusing on generating the whole attack graph [40]. The semi-explicit approach is flexible because only the elementary entities are defined and then the causal relationships between these elementary entities connect them [16]. Due to its flexibility, we will propose a semi-explicit method using preconditions and postconditions to model attacks.…”

Section: Accepted Manuscriptmentioning

confidence: 99%

Realtime intrusion risk assessment model based on attack and service dependency graphs

Shameli‐Sendi

Dagenais

Wang

2018

Computer Communications

View full text Add to dashboard Cite

Network services are becoming larger and increasingly complex to manage. It is extremely critical to maintain the users QoS, the response time of applications, and critical services in high demand. On the other hand, we see impressive changes in the ways in which attackers gain access to systems and infect services. When an attack is detected, an Intrusion Response System (IRS) is responsible to accurately assess the value of the loss incurred by a compromised resource and apply the proper responses to mitigate attack. Without having a proper risk assessment, our automated IRS will reduce network performance, wrongly disconnect users from the network, or result in high costs for administrators reestablishing services, and become a DoS attack for our network, which will eventually have to be disabled. In this paper, we address these challenges and we propose a new model to combine the Attack Graph and Service Dependency Graph approaches to calculate the impact of an attack more accurately compared to other existing solutions. To show the effectiveness of our model, a sophisticated multi-step attack was designed to compromise a web server, as well as to acquire root privilege. Our results illustrate the efficiency of the proposed model and confirm the feasibility of the approach in real-time.

show abstract

“…The approach in this paper provides a solution to this problem using privileges, thus propagating impacts only when infected privileges enable such propagations. Pre-emptive response draws dependencies between elementary exploits [8,17] or vulnerabilities [3,7] rather than services. It provides techniques to evaluate attacker intentions and to adjust cost measures accordingly.…”

Section: Related Workmentioning

confidence: 99%

“…An intrusion impact covers the privileges realized on the target service and the services which use the target service. We note a main difference between the purpose of this paper, which is to evaluate the impact of elementary intrusions, and the prediction of attacker objectives as used in exploit graphs [8]. Exploit graphs often assign static damage costs to each elementary node within these graphs [17].…”

Section: Introductionmentioning

confidence: 99%

Ex-SDF: An Extended Service Dependency Framework for Intrusion Impact Assessment

Kheir¹,

Cuppens-Boulahia²,

Cuppens³

et al. 2010

Security and Privacy – Silver Linings in the Cloud

Self Cite

View full text Add to dashboard Cite

Information systems are increasingly dependent on highly distributed architectures that include multiple dependencies. Even basic attacks like script-kiddies have drastic effects on target systems as they easily spread through existing dependencies. Unless intrusion effects are accurately assessed, response systems will still be blinded when selecting optimal responses. In fact, using only response costs as a basis to select responses is still meaningless if not compared to intrusion costs. While conventional responses provoke mostly availability impacts, intrusions affect confidentiality, integrity and availability. This paper develops an approach to assess intrusion impacts on IT systems. It uses service dependencies as frames for propagating impacts. It goes beyond existing methods which mostly use dependability analysis techniques. It explores service privileges as being the main targets for attackers, and the tunable parameters for intrusion response. The approach presented in this paper is implemented as a simulation-based framework and demonstrated for the example of a vehicle reservation service.

show abstract

Success Likelihood of Ongoing Attacks for Intrusion Detection and Response Systems

Cited by 18 publications

References 11 publications

Analysis of Affordance, Time, and Adaptation in the Assessment of Industrial Control System Cybersecurity Risk

Analysis of Affordance, Time, and Adaptation in the Assessment of Industrial Control System Cybersecurity Risk

Realtime intrusion risk assessment model based on attack and service dependency graphs

Ex-SDF: An Extended Service Dependency Framework for Intrusion Impact Assessment

Contact Info

Product

Resources

About