Two formal analyses of attack graphs

Proceedings of the Computer Security Foundations Workshop

Volumn 2002-January, Issue , 2002, Pages 49-63

  Jha, S ^a   Sheyner, O ^b   Wing, J ^b  

^a University of Wisconsin Madison   (United States)

^b Carnegie Mellon University   (United States)

Author keywords

Computer science; Contracts; Forensics; Greedy algorithms; Intrusion detection; Performance analysis; Polynomials; Safety; Security; US Department of Defense

Indexed keywords

ACCIDENT PREVENTION; ALGORITHMS; COMPUTER SCIENCE; CONTRACTS; COST BENEFIT ANALYSIS; COST EFFECTIVENESS; ECONOMIC AND SOCIAL EFFECTS; GRAPHIC METHODS; INTRUSION DETECTION; ITERATIVE METHODS; MARKOV PROCESSES; MODEL CHECKING; POLYNOMIALS; RELIABILITY ANALYSIS; SECURITY OF DATA; SECURITY SYSTEMS;

FORENSICS; GREEDY ALGORITHMS; PERFORMANCE ANALYSIS; SECURITY; US DEPARTMENT OF DEFENSE;

GRAPH THEORY;

EID: 84948760464     PISSN: 10636900     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSFW.2002.1021806     Document Type: Conference Paper

References (19)

1. E. Altman. Constrained Markov Decision Processes. Chapman & Hall/CRC, 1999.
2. G. Ausiello, A. D'Atri, and M. Protasi. Structure preserving reductions among convex optimization problems. Journal of Computational System Sciences (JCSS), 21:136-153, 1980.
3. R. E. Bryant. Graph-based algorithms for boolean function manipulation. IEEE Trans. Comput., C-35(8):677-691, Aug. 1986.
4. E. M. Clarke, O. Grumberg, and D. Peled. Model Checking. MIT Press, 2000.
5. T. Cormen, C. Leiserson, and R. Rivest. Introduction to Algorithms. The MIT Press, 1991.
6. M. Dacier. Towards Quantitative Evaluation of Computer Security. PhD thesis, Institut National Polytechnique de Toulouse, December 1994.
7. R. Durrett. Probability: Theory and Examples. Duxbury Press, 2nd edition, 1995.
8. M. Garey and D. Johnson. Computers and Intractibility. W.H. Freeman and Company, 1979.
9. S. Jha, O. Sheyener, and J. M. Wing. Two formal analyses of attack graphs. Technical Report CMU-CS-02-109, Carnegie Mellon University, February 2002.
10. NuSMV: a new symbolic model checker. http://afrodite.itc.it:1024/nusmv/.
11. R. Ortalo, Y. Deswarte, and M. Kaaniche. Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering, 25/5:633-650, Sept/Oct 1999.
12. C. Phillips and L. Swiler. A graph-based system for network vulnerability analysis. In ACM New Security Paradigms Workshop, pages 71-79, 1998.
13. M. Puterman. Markov Decision Processes-Discrete Stochastic Dynamic Programming. John Wiley & Sons, Inc., New York, 1994.
14. R. Ritchey and P. Ammann. Using model checking to analyze network vulnerabilities. In Proceedings of IEEE Symposium on Security and Privacy, pages 156-165, May 2001.
15. O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. Wing. Automated generation and analysis of attack graphs. In Proceedings of IEEE Symposium on Security and Privacy, May 2002.
16. SMV: a symbolic model checker. http://www-2.cs.cmu.edu/modelcheck/.
17. P. Stephenson. Using formal methods for forensic analysis of intrusion events - a preliminary examination. White Paper, available at http://www.imfgroup.com/DocumentLibrary.html.
18. L. P. Swiler, C. Phillips, D. Ellis, and S. Chakerian. Computer-attack graph generation tool. In Proceedings of the DARPA Information Survivability Conference and Exposition, June 12-14 2000.
19. A. Valdes and K. Skinner. Probabilistic alert detection. In Recent Advances in Intrusion Detection (RAID), 2001.