Skip to main content
SpringerLink
Log in

Security Analysis of Information Systems Based on Attack Sequences Generation and Testing

  • Conference paper
  • First Online:
Intelligent Distributed Computing XIV (IDC 2021)

Part of the book series: Studies in Computational Intelligence ((SCI,volume 1026))

Included in the following conference series:

  • 538 Accesses

Abstract

The paper considers an issue of analysis of security risks posed by the multistage cyber attacks using known tactics, techniques, and procedures. The technique for cyber attack sequences modeling and testing using source data from the MITRE ATT&CK database and the production model is proposed. Risk assessment is implemented for the generated cyber attack sequences, analysed information system components and an information system as a whole using risks decomposition and Common Vulnerability Scoring System metrics. The developed techniques for cyber attack sequences modeling and risks assessment are implemented within the software tool. The tool also allows recommending possible countermeasures for the successful attack sequences using MITRE ATT& CK data. The experiments for different infrastructures are conducted and application of the developed tool is demonstrated on the case study.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 249.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 249.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. First website. common vulnerability scoring system. https://www.first.org/cvss/

  2. Github website. atomic red team tests. https://github.com/redcanaryco/atomic-red-team

  3. Github website. MITRE CALDERA. https://github.com/mitre/caldera

  4. Github website. MITRE CASCADE. https://github.com/mitre/cascade-server

  5. MITRE website. MITRE ATT&CK enterprise matrix. https://attack.mitre.org/matrices/enterprise/

  6. Mitre website. MITRE cyber analytics repository. https://car.mitre.org/

  7. Artz, M.: Netspa, a network security planning architecture. Master’s thesis (2002)

    Google Scholar 

  8. Dantu, R., Kolan, P., C. J.: Network risk management using attacker profiling. Sec. Commun. Netw. 2(1), 83–96 (2009)

    Google Scholar 

  9. Feigenbaum, E.: The art of artificial intelligence: Themes and case studies of knowledge engineering. In: Proceedings of the International Joint Conference on Artificial Intelligence, pp. 1014–1029 (1977)

    Google Scholar 

  10. Frigault, M., Wang, L., Jajodia, S., Singhal, A.: Network Security Metrics (2017)

    Google Scholar 

  11. Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: Proceedings of 22nd Annual Conference on the Computer Security Applications, Miami Beach, FL, pp. 121–130. IEEE (2006)

    Google Scholar 

  12. Khosravi-Farmad, M., Ghaemi-Bafghi, A.: Bayesian decision network-based security risk management framework. J. Netw. Syst. Manag. 1–26 (2020)

    Google Scholar 

  13. Kotenko, I., Doynikova, E.: Security assessment of computer networks based on attack graphs and security events. In: L. et al. (ed.) ICT-EurAsia 2014, Lecture Notes in Computer Science (LNCS), vol. 8407, pp. 462–471. Springer (2014)

    Google Scholar 

  14. Kotenko, I., Doynikova, E.: The CAPEC based generator of attack scenarios for network security evaluation. In: Proceedings of the IEEE 8th International Conference on “Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS’2015), pp. 436–441 (2015)

    Google Scholar 

  15. Lippmann, R., Ingols, K. et al.: Validating and restoring defense in depth using attack graphs. In: Proceedings of the MILCOM 2006, Washington, DC, pp. 1014–1029 (2006)

    Google Scholar 

  16. Liu, Y., Man, H.: Network vulnerability assessment using bayesian networks. Proc. SPIE 5812, 61–71 (2005)

    Article  Google Scholar 

  17. MITRE. CAPEC database. https://capec.mitre.org/

  18. MITRE. MITRE att&ck database. https://attack.mitre.org/

  19. Muñoz-González, L., Sgandurra, D., Barrère, M., Lupu, E.: Dynamic security risk management using bayesian attack graphsexact inference techniques for the analysis of bayesian attack graphs. IEEE Trans. Depend. Sec. Comput. 16, 231–244 (2019)

    Article  Google Scholar 

  20. Newell, A.: Production Systems: Models of Control Structures. Academic, New York, NY (1973)

    Google Scholar 

  21. Poolsappasit, N., Dewri, R., R. I.: Dynamic security risk management using bayesian attack graphs. IEEE Trans. Depend. Sec. Comput. 9(1), 61–74 (2012)

    Google Scholar 

  22. Singhal, A., Ou, X.: Security risk analysis of enterprise networks using probabilistic attack graphs. NIST interagency report (2011)

    Google Scholar 

  23. Stakhanova, N., Basu, S., W. J.: A cost-sensitive model for preemptive intrusion response systems. In: Proceedings of the 21st International Conference on Advanced Networking and Applications (2007)

    Google Scholar 

Download references

Acknowledgements

This research is being supported by the grant of RFBR #19-07-01246 in SPC RAS.

Author information

Authors and Affiliations

  1. A.F. Mozhaysky Military-Space Academy, Zhdanovskaya str. 13, St. Petersburg, 197198, Russia

    Roman Kryukov

  2. Laboratory of Computer Security Problems, St. Petersburg Federal Research Center of the Russian Academy of Sciences, liniya 14-ya 39, St. Petersburg, 197198, Russia

    Elena Doynikova & Igor Kotenko

Authors
  1. Roman Kryukov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Elena Doynikova
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Igor Kotenko
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Igor Kotenko .

Editor information

Editors and Affiliations

  1. Computer Systems Engineering Department, Universidad Politécnica de Madrid, Madrid, Spain

    David Camacho

  2. DIIES Department, University of Reggio Calabria, Reggio Calabria, Italy

    Domenico Rosaci

  3. Department of Psychology, University of Milan Bicocca, Milan, Italy

    Giuseppe M. L. Sarné

  4. DICEAM Department, University of Reggio Calabria, Reggio Calabria, Italy

    Mario Versaci

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kryukov, R., Doynikova, E., Kotenko, I. (2022). Security Analysis of Information Systems Based on Attack Sequences Generation and Testing. In: Camacho, D., Rosaci, D., Sarné, G.M.L., Versaci, M. (eds) Intelligent Distributed Computing XIV. IDC 2021. Studies in Computational Intelligence, vol 1026. Springer, Cham. https://doi.org/10.1007/978-3-030-96627-0_39

Download citation

Publish with us

Policies and ethics

Search

Navigation