A host-based approach to network attack chaining analysis

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2005, Issue , 2005, Pages 75-84

  Ammann, Paul ^a   Pamula, Joseph ^b   Ritchey, Ronald ^c   Street, Julie ^a  

^a GEORGE MASON UNIVERSITY   (United States)

^b Krasnow Institute for Advanced Study   (United States)

^c BOOZ ALLEN HAMILTON   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER NETWORKS; GRAPH THEORY; MATHEMATICAL MODELS; SECURITY OF DATA; SOFTWARE PROTOTYPING;

ATTACK PATH; NETWORK ATTACK;

PUBLIC KEY CRYPTOGRAPHY;

EID: 33846269000     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.2005.6     Document Type: Conference Paper

References (25)

1. P. Ammann, D. Wijesekera, and S. Kaushik. Scalable graph-based vulnerability analysis. In Proceedings CCS 2002: 9th ACM Conference on Computer and Commuincations Security, pages 217-224, Washington, DC, November 2002.
2. R. Baldwin. Kuang: Rule based security checking. Technical report, MIT Lab for Computer Science, Programming Systems Research Group, May 1994.
3. Bugtraq. The security vulnerabilities mailing list, http://www. securityfocus.com.
4. T. Cormen, C. Leiserson, and R. Rivest. Introduction to Algorithms. McGraw-Hill Book Company and The MIT Press, 1998.
5. F. Cuppens and A. Miege. Alert correlation in a cooperative intrustion detection framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P '02), May 2002.
6. J. Dawkins, C. Campbell, and J. Hale. Modeling network attacks: Extending the attack tree paradigm. In Workshop on Statistical and Machine Learning Techniques in Computer Intrusion Detection, Johns Hopkins University, June 2002. Center for Information Security, University of Tulsa.
7. H. Debar and A. Wespi. Aggregation and correlation of intrusion detection alerts. In Proceedings of Recent Advances in Intrusion Detection (RAID 2001), pages 85-103, 2000.
8. Graphviz. Graph visualization software. http://www.graphviz.org.
9. S. Jha, O. Sheyner, and J. Wing. Minimization and reliability analysis of attack graphs. Technical Report CMU-CS-02-109, School of Computer Science, Carnegie Mellon University, February 2002.
10. S. Jha, O. Sheyner, and J. Wing. Two formal analyses of attack graphs. In Proceedings of the 2002 Computer Security Foundations Workshop, pages 49-63, Nova Scotia, June 2002.
11. Nessus. Open source vulnerability scanner project. http://www.nessus.org.
12. NetMap. Network modeling, discovery, and analysis. http://www.cs.ucsb. edu/~rsg/NetMap/index.html.
13. P. Ning, Y. Cui, and D. Reeves. Constructing attack scenarios through correlation of intrustion alerts. In Proceedings of the 9th ACM Conference on Computer & Communications Security, pages 245-254, Washington D.C., November 2002.
14. P. Ning, D. Xu, C. Healey, and R. S. Amant. Building attack scenarios through integration of complementary alert correlation methods. In Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS '04), pages 97-111, February 2004.
15. S. Noel, S. Jajodia, B. O'Berry, and M. Jacobs. Efficient minimum-cost network hardening via exploit dependency graphs. In Proceedings ACSAC 2003: 19th Annual Computer Security Applications Conference, pages 86-95, Las Vegas, December 2003.
16. C. Phillips and L. Swiler. A graph-based system for network-vulnerability analysis. In Proceedings of the New Security Paradigms Workshop, pages 71-79, Charlottesville, VA, 1998.
17. C. Ramakrishnan and R. Sekar. Model-based vulnerability analysis of computer systems. In Proceedings of the 2nd International Workshop on Verification, Model Checking and Abstract Interpretation, September 1998.
18. Retina. Network security scanner. http://www.eeye.com/html/products/ Retina/.
19. R. W. Ritchey and P. Ammann. Using model checking to analyze network vulnerabilities. In Proceedings of the 2000 IEEE Symposium on Security and Privacy (Oakland 2000), pages 156-165, Oakland, CA, May 2000.
20. O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. Wing. Automated generation and analysis of attack graphs. In Proceedings of the 2002 IEEE Symposium on Security and Privacy (Oakland 2002), pages 254-265, Oakland, CA, May 2002.
21. O. Sheyner and J. Wing. Tools for generating and analyzing attack graphs. In To appear in Proceedings of International Symposium on Formal Methods for Components and Objects, Lecture Notes in Computer Science, 2005.
22. L. Swiler, C. Phillips, D. Ellis, and S. Chakerian. Computer-attack graph generation tool. In Proceedings DISCEX '01: DARPA Information Survivability Conference & Exposition II, pages 307-321, June 2001.
23. S. Templeton and K. Levitt. A requires/provides model for computer attacks. In Proceedings of the New Security Paradigms Workshop, Cork, Ireland, September 2000. http://seclab.cs.ucdavis.edu/papers/NP2000-rev.pdf.
24. G. Vigna, F. Valeur, J. Zhou, and R. Kremmerer. Composable tools for network discovery and security analysis. In Proceedings ACSAC 2002: 18th Annual Computer Security Applications Conference, Las Vegas, December 2002.
25. D. Zerkle and K. Levitt. Netkuang - A multi-host configuration vulnerability checker. In Proceedings of the 6th USENIX Unix Security Symposium, San Jose, CA, 1996.