NICE: Network intrusion detection and countermeasure selection in virtual network systems

IEEE Transactions on Dependable and Secure Computing

Volumn 10, Issue 4, 2013, Pages 198-211

  Chung, Chun Jen ^a   Khatkar, Pankaj ^a   Xing, Tianyi ^a   Lee, Jeongkeun ^b   Huang, Dijiang ^a  

^a Arizona State University   (United States)

^b HEWLETT PACKARD LABORATORIES   (United States)

Author keywords

Attack graph; Cloud computing; Intrusion detection; Network security; Zombie detection

Indexed keywords

APPLICATION PROGRAMMING INTERFACES (API); CLOUD COMPUTING; DENIAL-OF-SERVICE ATTACK; GRAPHIC METHODS; INFRASTRUCTURE AS A SERVICE (IAAS); INTRUSION DETECTION; VIRTUAL MACHINE;

ATTACK GRAPH; DISTRIBUTED DENIAL OF SERVICE; DISTRIBUTED VULNERABILITY DETECTION; MONITOR AND CONTROL; NETWORK INTRUSION DETECTION; RESEARCH AND DEVELOPMENT; SECURITY EVALUATION; SELECTION MECHANISM;

NETWORK SECURITY;

EID: 84897585209     PISSN: 15455971     EISSN: None     Source Type: Journal    
DOI: 10.1109/TDSC.2013.8     Document Type: Article

References (33)

1. Coud Sercurity Alliance, "Top Threats to Cloud Computing v1.0," https://cloudsecurityalliance.org/topthreats/csathreats. v1.0.pdf, Mar. 2010.
2. M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, "A View of Cloud Computing," ACM Comm., vol. 53, no. 4, pp. 50-58, Apr. 2010.
3. B. Joshi, A. Vijayan, and B. Joshi, "Securing Cloud Computing Environment Against DDoS Attacks," Proc. IEEE Int'l Conf. Computer Comm. and Informatics (ICCCI '12), Jan. 2012.
4. H. Takabi, J.B. Joshi, and G. Ahn, "Security and Privacy Challenges in Cloud Computing Environments," IEEE Security and Privacy, vol. 8, no. 6, pp. 24-31, Dec. 2010.
5. "Open vSwitch Project," http://openvswitch.org, May 2012.
6. Z. Duan, P. Chen, F. Sanchez, Y. Dong, M. Stephenson, and J. Barker, "Detecting Spam Zombies by Monitoring Outgoing Messages," IEEE Trans. Dependable and Secure Computing, vol. 9, no. 2, pp. 198-210, Apr. 2012.
7. G. Gu, P. Porras, V. Yegneswaran, M. Fong, and W. Lee, "BotHunter: Detecting Malware Infection through IDS-driven Dialog Correlation," Proc. 16th USENIX Security Symp. (SS '07), pp. 12:1-12:16, Aug. 2007.
8. G. Gu, J. Zhang, and W. Lee, "BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic," Proc. 15th Ann. Network and Distributed Sytem Security Symp. (NDSS '08), Feb. 2008.
9. O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J.M. Wing, "Automated Generation and Analysis of Attack Graphs," Proc. IEEE Symp. Security and Privacy, pp. 273-284, 2002 (Pubitemid 34648119)
10. "NuSMV: A New Symbolic Model Checker," http://afrodite.itc. it:1024/nusmv. Aug. 2012.
11. P. Ammann, D. Wijesekera, and S. Kaushik, "Scalable, graphbased network vulnerability analysis," Proc. 9th ACM Conf. Computer and Comm. Security (CCS '02), pp. 217-224, 2002.
12. X. Ou, S. Govindavajhala, and A.W. Appel, "MulVAL: A Logic-Based Network Security Analyzer," Proc. 14th USENIX Security Symp., pp. 113-128, 2005.
13. R. Sadoddin and A. Ghorbani, "Alert Correlation Survey: Framework and Techniques," Proc. ACM Int'l Conf. Privacy, Security and Trust: Bridge the Gap between PST Technologies and Business Services (PST '06), pp. 37:1-37:10, 2006.
14. L. Wang, A. Liu, and S. Jajodia, "Using Attack Graphs for Correlating, Hypothesizing, and Predicting Intrusion Alerts," Computer Comm., vol. 29, no. 15, pp. 2917-2933, Sept. 2006. (Pubitemid 44232972)
15. S. Roschke, F. Cheng, and C. Meinel, "A New Alert Correlation Algorithm Based on Attack Graph," Proc. Fourth Int'l Conf. Computational Intelligence in Security for Information Systems, pp. 58-67, 2011.
16. A. Roy, D.S. Kim, and K. Trivedi, "Scalable Optimal Countermeasure Selection Using Implicit Enumeration on Attack Countermeasure Trees," Proc. IEEE Int'l Conf. Dependable Systems Networks (DSN '12), June 2012.
17. N. Poolsappasit, R. Dewri, and I. Ray, "Dynamic Security Risk Management Using Bayesian Attack Graphs," IEEE Trans. Dependable and Secure Computing, vol. 9, no. 1, pp. 61-74, Feb. 2012.
18. Open Networking Fundation, "Software-Defined Networking: The New Norm for Networks," ONF White Paper, Apr. 2012.
19. "Openflow," http://www.openflow.org/wp/learnmore/, 2012.
20. N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner, "OpenFlow: Enabling Innovation in Campus Networks," SIGCOMM Computer Comm. Rev., vol. 38, no. 2, pp. 69-74, Mar. 2008.
21. E. Keller, J. Szefer, J. Rexford, and R.B. Lee, "NoHype: Virtualized Cloud Infrastructure without the Virtualization," Proc. 37th ACM Ann. Int'l Symp. Computer Architecture (ISCA '10), pp. 350-361, June 2010.
22. X. Ou, W.F. Boyer, and M.A. McQueen," A Scalable Approach to Attack Graph Generation," Proc. 13th ACM Conf. Computer and Comm. Security (CCS '06), pp. 336-345, 2006. (Pubitemid 47131381)
23. Mitre Corporation, "Common Vulnerabilities and Exposures, CVE," http://cve.mitre.org/, 2012.
24. P. Mell, K. Scarfone, and S. Romanosky, "Common Vulnerability Scoring System (CVSS)," http://www.first.org/cvss/cvss-guide. html, May 2010.
25. O. Database, "Open Source Vulnerability Database (OVSDB)," http://osvdb.org/, 2012.
26. National Institute of Standards and Technology, "National Vulnerability Database, NVD," http://nvd.nist. gov, 2012.
27. N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado, N. McKeown, and S. Shenker, "NOX: Towards an Operating System for Networks," SIGCOMM Computer Comm. Rev., vol. 38, no. 3, pp. 105-110, July 2008.
28. X. Ou and A. Singhal, Quantitative Security Risk Assessment of Enterprise Networks. Springer, Nov. 2011.
29. M. Frigault and L. Wang, "Measuring Network Security Using Bayesian Network-Based Attack Graphs," Proc. IEEE 32nd Ann. Int'l Conf. Computer Software and Applications (COMPSAC '08), pp. 698-703, Aug. 2008.
30. K. Kwon, S. Ahn, and J. Chung, "Network Security Management Using ARP Spoofing," Proc. Int'l Conf. Computational Science and Its Applications (ICCSA '04), pp. 142-149, 2004.
31. "Metasploit," http://www.metasploit.com, 2012.
32. "Armitage," http://www.fastandeasyhacking.com, 2012.
33. M. Tupper and A. Zincir-Heywood, "VEA-bility Security Metric: A Network Security Analysis Tool," Proc. IEEE Third Int'l Conf. Availability, Reliability and Security (ARES '08), pp. 950-957, Mar. 2008.