Situation Calculus and Graph Based Defensive Modeling of Simultaneous Attacks

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8300)

Abstract

Recent attacks are better coordinated, difficult to discover, and inflict severe damage on networks. However, existing response systems handle the case of a single ongoing attack. This limitation is due to the lack of an appropriate model that describes coordinated attacks. In this paper, we address this limitation by presenting a new formal description of individual, coordinated, and concurrent attacks. Afterwards, we combine Graph Theory and our attack description in order to model attack graphs that cover the three attack types. Finally, we show how to automatically generate these attack graphs using a logical approach based on Situation Calculus.

Copyright information

© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Samarji, L., Cuppens, F., Cuppens-Boulahia, N., Kanoun, W., Dubus, S. (2013). Situation Calculus and Graph Based Defensive Modeling of Simultaneous Attacks. In: Wang, G., Ray, I., Feng, D., Rajarajan, M. (eds) Cyberspace Safety and Security. CSS 2013. Lecture Notes in Computer Science, vol 8300. Springer, Cham. https://doi.org/10.1007/978-3-319-03584-0_11

  • DOI: https://doi.org/10.1007/978-3-319-03584-0_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-03583-3

  • Online ISBN: 978-3-319-03584-0

  • eBook Packages: Computer Science, Computer Science (R0)