An Approach to Model Network Exploitations Using Exploitation Graphs

SIMULATION

Volumn 82, Issue 8, 2006, Pages 523-541

  Li, Wei ^a   Vaughn, Rayford B ^b   Dandass, Yoginder S ^b  

^a NOVA SOUTHEASTERN UNIVERSITY   (United States)

^b MISSISSIPPI STATE UNIVERSITY   (United States)

Author keywords

computer security; Exploitation graph (e graph); graph based modeling; vulnerability graph

Indexed keywords

ALGORITHMS; COMPUTER SIMULATION; GRAPHIC METHODS; MATHEMATICAL MODELS; SECURITY OF DATA;

COMPUTING ENVIRONMENT; GRAPH-BASED MODELING; VULNERABILITY GRAPH;

COMPUTER NETWORKS;

EID: 33750734683     PISSN: 00375497     EISSN: None     Source Type: Journal    
DOI: 10.1177/0037549706072046     Document Type: Article

References (34)

1. STAT scanner. 2004. Available from: http://www.stat.harris.com/solutions/vuln_assess/scanner_index.asp
2. Kewley, D. L., and J. F. Bouchard. 2001. DARPA information assurance program dynamic defense experiment summary. IEEE Transactions on Systems, Man and Cybernetics—Part A: System and Humans 31 (4): 331-336.
3. Ning, P., Y. Cui, and D. S. Reeves. 2002. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security, 245-254. New York: ACM Press.
4. Schneier, B. 1999. Attack trees. Dr. Dobb's Journal 24 (12): 21-29.
5. Cuppens, F., and A. Miege. 2002. Alert correlation in a cooperative intrusion detection framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, 187-200. Los Alamitos, CA: IEEE Computer Society Press.
6. Templeton, S. J., and K. Levitt. 2000. A requires/provides model for computer attacks. In Proceedings of the 2000 New Security Paradigms Workshop, 31-38. New York: ACM Press.
7. Ammann, P., D. Wijesekera, and S. Kaushik. 2002. Scalable, graph-based network vulnerability analysis. In Proceedings of the 9th ACM Conference on Computer and Communications Security, edited by V. Alturi, 217-224. New York: ACM Press.
8. Jha, S., O. Sheyner, and J. M. Wing. 2002. Two formal analyses of attack graphs. In Proceedings of the 15th IEEE Computer SecurityFoundationsWorkshop, 49-63. LosAlamitos, CA: IEEE Computer Society Press.
9. Ritchey, R. W., and P. Ammann. 2000. Using model checking to analyze network vulnerabilities. In Proceedings of the 2000 IEEE Computer Society Symposium on Security and Privacy, 156-165. Los Alamitos, CA: IEEE Computer Society Press.
10. Sheyner, O., J. Haines, S. Jha, R. Lippmann, and J. M. Wing. 2002. Automated generation and analysis of attack graphs. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, 254-265. LosAlamitos, CA: IEEE Computer Society Press.
11. Swiler, L. P., C. Phillips, D. Ellis, and S. Chakerian. 2001. Computer-attack graph generation tool. In Proceedings of the DARPA Information Survivability Conference and Exposition, vol. 2, 1307-1321. Los Alamitos, CA: IEEE Computer Society Press.
12. Swiler, L. P., C. Phillips, and T. Gaylor. 1998. A graph-based network-vulnerability analysis system. Report SAND97-3010/1, Sandia National Laboratories, Albuquerque, NM.
13. Jajodia, S., S. Noel, and B. O’Berry. 2003. Topological analysis of network attack vulnerability. In Managing cyber threats: Issues, approaches and challenges, edited by V. Kumar, J. Srivastava, and A. Lazarevic. Boston: Kluwer.
14. Cheung, S., U. Lindqvist, and M. W. Fong. 2003. Modeling multistep cyber attacks for scenario recognition. In Proceedings of the DARPA Information Survivability Conference and Exposition, 284-292. Los Alamitos, CA: IEEE Computer Society Press.
15. Ramakrishnan, C. R., and R. Sekar. 2002. Model-based analysis of configuration vulnerabilities. Journal of Computer Security 10 (1-2): 189-209.
16. Li, W., and R. B. Vaughn. 2005. Building simplified exploitation graphs for a cluster computing environment. In Proceedings of the 6th IEEE Information Assurance Workshop, 50-57. Los Alamitos, CA: IEEE Computer Society Press.
17. Common Vulnerability Exposures. 2004. Available from: http://cve.mitre.org/
18. Bérard, B., M. Bidoit, A. Finkel, F. Laroussinie, A. Petit, L. Petrucci, and P. Schnoebelen. 2001. Systems and software verification: Model-checking techniques and tools. Berlin: Springer-Verlag.
19. Noel, S., and S. Jajodia. 2004. Managing attack graph complexity through visual hierarchical aggregation. In Proceedings of the ACM CCS Workshop on Visualization and Data Mining for Computer Security, 109-118. New York: ACM Press.
20. Noel, S., S. Jajodia, B. O’Berry, and M. Jacobs. 2003. Efficient minimum-cost network hardening via exploit dependency graphs. In Proceedings of the 19th Annual Computer Security Applications Conference. Silver Spring, MD: Applied Computer Security Associates.
21. Li, W. 2002. The integration of security sensors into the intelligent intrusion detection system (IIDS) in a cluster environment. Master's project report, Department of Computer Science, Mississippi State University.
22. Li, W., and E. B. Allen. 2005. An access control model for securecluster-computingenvironments. In Proceedingsofthe38th Hawaii International Conference on System Sciences, 309-310. Los Alamitos, CA: IEEE Computer Society Press. Full paper available on proceedings CD.
23. BugtraqVulnerabilitiesArchive.2004.Availablefrom:http://www.securityfocus.com/bid
24. CERT® Advisories. 2004. Available from: http://www.cert.org/advisories
25. National Vulnerability Database. 2005. Available from: http://nvd.nist.gov/
26. SANS Top 20 Vulnerabilities. 2004. Available from: http://www.sans.org/top20/
27. Li, W. 2005.An approach to graph-based modeling of network exploitations. PhD diss., Department of Computer Science, Mississippi State University.
28. Graphviz. 2004. Available from: http://www.research.att.com/sw/tools/graphviz/
29. ICAT Metabase. 2004.Available from: http://icat.nist.gov/icat.cfm
30. Kumar, S. 1995. Classification and detection of computer intrusions. PhD diss., Department of Computer Science, Purdue University, West Lafayette, IN.
31. Das, K. J. 2000. Attack development for intrusion detection evaluation. Master's thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology.
32. Chartrand, G., and L. Lesniak. 1986. Graphs & digraphs. 2nd ed. Belmont, CA: Wadsworth.
33. Schudel, G., and B. Wood. 2000. Adversary work factor as a metric for information assurance. In Proceedings of the 2000 New Security Paradigms Workshop, 23-30. New York: ACM Press.
34. Ortalo, R., Y. Deswarte, and M. Kaaniche. 1999. Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering 25 (5): 633-665.