Abstract
Promising directions in evaluating network security are simulating a possible malefactor's actions, representing these actions as attack graphs (trees, nets), subsequently checking various properties of these graphs, and determining security metrics that can explain possible ways to increase the security level. The paper suggests a new approach to security evaluation based on comprehensive simulation of a malefactor's actions, construction of attack graphs, and computation of different security metrics. The approach is intended for use at both the design and exploitation stages of computer networks. The implemented software system is described, and examples of experiments analyzing the network security level are considered.
Copyright information
© 2006 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kotenko, I., Stepashkin, M. (2006). Attack Graph Based Evaluation of Network Security. In: Leitold, H., Markatos, E.P. (eds) Communications and Multimedia Security. CMS 2006. Lecture Notes in Computer Science, vol 4237. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11909033_20
DOI: https://doi.org/10.1007/11909033_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-47820-1
Online ISBN: 978-3-540-47823-2
eBook Packages: Computer Science, Computer Science (R0)