VTAC: Virtual terrain assisted impact assessment for cyber attacks

Proceedings of SPIE - The International Society for Optical Engineering

Volumn 6973, Issue , 2008, Pages

  Argauer, Brian J ^a   Yang, Shanchieh Jay ^a  

^a Rochester Institute of Technology   (United States)

Author keywords

Cyber security; Impact assessment; Information fusion

Indexed keywords

CORRELATION METHODS; INFORMATION FUSION; MATHEMATICAL MODELS; USER INTERFACES; VIRTUAL REALITY;

CYBER SECURITY; IMPACT ASSESSMENT;

COMPUTER CRIME;

EID: 43249129731     PISSN: 0277786X     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1117/12.777291     Document Type: Conference Paper

References (18)

1. T. Bass, "Intrusion detection systems and multisensor data fusion," Communications of the ACM 43, April 2000.
2. Forum of Incident Response and Security Teams (FIRST), "A complete guide to the common vulnerability scoring system." http://www.first.org/ cvss/cvss-guide.html, 2007.
3. U. Lindqvist and E. Jonsson, "How to systematically classify computer security intrusions," in Proceedings of the IEEE Symposium on Security and Privacy, pp. 154-163, (Oakland, CA, USA), 1997.
4. P. G. Neumann and D. B. Parker, "A summary of computer misuse techniques," in Proceedings of the 12th National Computer Security Conference, pp. 396-407, (Baltimore, Maryland, USA), Oct. 10-13 1989.
5. J. Howard and T. Longstaff, "A common language for computer security incidents," 1998.
6. J. Mirkovic and P. Reiher, "A taxonomy of DDoS attack and DDoS defense mechanisms," Computer Communication Review 34(2), pp. 39-53, 2004.
7. S. Vidalis and A. Jones, "Using vulnerability trees for decision making in threat assessment," tech. rep., University of Glamorgan, School of Computing, Wales, UK, June 2003.
8. C. Phillips and L. P. Swiler, "A graph-based system for network-vulnerability analysis," in Proceedings of the 1998 workshop for new security paradigms, pp. 71 - 79, (New York, NY, USA), 1998.
9. F. Massicotte, M. Couture, L. Briand, and Y. Labiche, "Context-based intrusion detection using snort, nessus and bugtraq databases," in Proceedings of the Third Annual Conference on Privacy, Security and Trust, (Fredericton), October 2005.
10. Sourcefire, "Snort: an open source network intrusion prevention and detection system." http://www.snort.org, 2007.
11. T. N. S. Inc., "Nessus vulnerability scanner." http://www.nessus.org/, 2007.
12. S. Focus, "Bugtraq vulnerability database." http://www.securityfocus.org/bid, 2006.
13. F. Valeur, G. Vigna, C. Kruegel, and R. A. Kemmerer, "A comprehensive approach to intrusion detection alert correlation," IEEE Transactions on Dependable and Secure Computing 1, pp. 146 - 169, July-Sep 2004.
14. P. Porras, M. Fong, and A. Valdes, "A mission-impact-based approach to infosec alarm correlation," in Recent Advances in Intrusion Detection. 5th International Symposium, RAID 2002. Proceedings (Lecture Notes in Computer Science Vo.2516), pp. 95 - 114, (Zurich, Switzerland), 2002.
15. J. Holsopple, B. Argauer, and S. J. Yang, "Virtual terrain: a common representation of a computer network," in Proceedings of SPIE, Defense and Security Symposium, March 2008.
16. Mitre, "Common vulnerabilities and exposures (CVE dictionary)." http://cve.mitre.org, 2007.
17. M. Sudit, A. Stotz, and M. Holender, "Situational awareness of a coordinated cyber attack," in Proceedings of SPIE, Defense and Security Symposium, pp. 114-129, March 2005.
18. M. Sudit, A. Stotz, M. Holender, W. Tagliaferri, and K. Canarelli, "Measuring situation awareness and resolving inherent high-level fusion obstacles," in Proceedings of SPIE, Defense and Security Symposium, 6242, April 2006.