Interactive analysis of attack graphs using relational queries

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4127 LNCS, Issue , 2006, Pages 119-132

  Wang, Lingyu ^a   Yao, Chao ^a   Singhal, Anoop ^b   Jajodia, Sushil ^a  

^a George Mason University   (United States)

^b NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ALGORITHMS; COMPUTER NETWORKS; KNOWLEDGE BASED SYSTEMS; OPTIMIZATION; QUERY LANGUAGES; USER INTERFACES; ARTIFICIAL INTELLIGENCE; DECISION SUPPORT SYSTEMS; GRAPHIC METHODS; QUERY PROCESSING;

ATTACK GRAPHS; DOMAIN KNOWLEDGE; INTERACTIVE ANALYSIS; RELATIONAL QUERIES; CURRENT ANALYSIS; NETWORK CONFIGURATION; NETWORK INTRUSIONS; OPTIMIZATION TECHNIQUES; RELATIONAL DATABASE;

RELATIONAL DATABASE SYSTEMS; SECURITY OF DATA;

EID: 33746743758     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11805588_9     Document Type: Conference Paper

References (21)

1. P. Ammann, D. Wijesekera, and S. Kaushik. Scalable, graph-based network vulnerability analysis. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS'02), pages 217-224, 2002.
2. T.H. Cormen, C.E. Leiserson, and R.L. Rivest. Introduction to Algorithms. MIT Press, 1990.
3. F. Cuppens and A. Miege. Alert correlation in a cooperative intrusion detection framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P'02), pages 187-200, 2002.
4. M. Dacier. Towards quantitative evaluation of computer security. Ph.D. Thesis, Institut National Polytechnique de Toulouse, 1994.
5. R. Deraison. Nessus scanner, 1999. Available at http://www.nessus.org.
6. D. Farmer and E.H. Spafford. The COPS security checker system. In USENIX Summer, pages 165-170, 1990.
7. J. Gray, A. Bosworth, A. Bosworth, A. Layman, D. Reichart, M. Venkatrao, F. Pellow, and H. Pirahesh. Data cube: A relational aggregation operator generalizing group-by, cross-tab, and sub-totals. Data Mining and Knowledge Discovery, 1(1):29-53, 1997.
8. S. Jajodia, S. Noel, and B. O'Berry. Topological analysis of network attack vulnerability. In V. Kumar, J. Srivastava, and A. Lazarevic, editors, Managing Cyber Threats: Issues, Approaches and Challenges. Kluwer Academic Publisher, 2003.
9. S. Jha, O. Sheyner, and J.M. Wing. Two formal analysis of attack graph. In Proceedings of the 15th Computer Security Foundation Workshop (CSFW'02), 2002.
10. P. Ning, Y. Cui, and D.S. Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security (CCS'02), pages 245-254, 2002.
11. S. Noel and S. Jajodia. Correlating intrusion events and building attack scenarios through attack graph distance. In Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04), 2004.
12. S. Noel, S. Jajodia, B. O'Berry, and M. Jacobs. Efficient minimum-cost network hardening via exploit dependency grpahs. In Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC'03), 2003.
13. R. Ortalo, Y. Deswarte, and M. Kaaniche. Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Trans. Software Eng., 25(5):633-650, 1999.
14. C. Phillips and L. Swiler. A graph-based system for network-vulnerability analysis. In Proceedings of the New Security Paradigms Workshop (NSPW'98), 1998.
15. C.R. Ramakrishnan and R. Sekar. Model-based analysis of configuration vulnerabilities. Journal of Computer Security, 10(1/2):189-209, 2002.
16. R. Ritchey and P. Ammann. Using model checking to analyze network vulnerabilities. In Proceedings of the 2000 IEEE Symposium on Research on Security and Privacy (S&P'00), pages 156-165, 2000.
17. R. Ritchey, B. O'Berry, and S. Noel. Representing TCP/IP connectivity for topological analysis of network security. In Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC'02), page 25, 2002.
18. O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J.M. Wing. Automated generation and analysis of attack graphs. In Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P'02), pages 273-284, 2002.
19. L. Swiler, C. Phillips, D. Ellis, and S. Chakerian. Computer attack graph generation tool. In Proceedings of the DARPA Information Survivability Conference & Exposition II (DISCEX'01), 2001.
20. L. Wang, A. Liu, and S. Jajodia. An efficient and unified approach to correlating, hypothesizing, and predicting intrusion alerts. In Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS 2005), pages 247-266, 2005.
21. D. Zerkle and K. Levitt. Netkuang - a multi-host configuration vulnerability checker. In Proceedings of the 6th USENIX Unix Security Symposium (USENIX'96), 1996.