Abstract
Static analysis of attack sequences (a.k.a. topological vulnerability analysis, TVA) studies sequences of attacks that can eventually lead to exploitable vulnerabilities in a network. In models where attacks are specified in terms of their preconditions and postconditions, the sequences that can be launched are those in which the postcondition of the antecedent attack implies the precondition of the attack that follows it. We show a method of checking this, and show the drawbacks of omitting these checks in the CRIM model [5].
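The chaining rule in the abstract, as an added example that is not code from the paper: two attacks are linked only when the earlier postcondition implies the later precondition. Conditions are assumed to be conjunctions of ground literals, the attack names and predicates are constructed, and `shares_predicate` is a stand-in for omitting the check, not a rendering of CRIM.

```python
from typing import NamedTuple

class Attack(NamedTuple):
    name: str
    pre: frozenset    # conjunction of (predicate, polarity) literals
    post: frozenset

def lits(**kw):
    """Build a conjunction of literals, e.g. lits(user=True, svc_up=False)."""
    return frozenset(kw.items())

def consistent(cond):
    """Satisfiable iff no predicate occurs with both polarities."""
    preds = [p for p, _ in cond]
    return len(preds) == len(set(preds))

def implies(post, pre):
    """post => pre for conjunctions of literals: every literal of pre is in post.
    An unsatisfiable post describes no reachable state, so it is rejected."""
    return consistent(post) and pre <= post

def shares_predicate(post, pre):
    """Unchecked link: a predicate name occurs on both sides, polarity ignored."""
    return bool({p for p, _ in post} & {p for p, _ in pre})

def chains(attacks, link):
    """All ordered pairs (a, b) where attack b may follow attack a under `link`."""
    return sorted((a.name, b.name) for a in attacks for b in attacks
                  if a is not b and link(a.post, b.pre))

# Constructed attack specifications (hypothetical, for illustration only).
ATTACKS = [
    Attack("gain_user", lits(reachable=True),
           lits(reachable=True, user=True, svc_up=True)),
    Attack("stop_service", lits(user=True),
           lits(user=True, svc_up=False)),
    Attack("exploit_service", lits(user=True, svc_up=True),
           lits(root=True)),
]

if __name__ == "__main__":
    checked = chains(ATTACKS, implies)
    unchecked = chains(ATTACKS, shares_predicate)
    print("with implication check:", checked)
    print("spurious without it:   ", sorted(set(unchecked) - set(checked)))
```

The unchecked matcher links `stop_service` to `exploit_service` because both mention `svc_up`, even though the first attack leaves the service down and the second requires it up.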
References
[1] Computer Oracle and Password System (COPS), information and software on the web at ftp.cert.org/pub/tools/cops
[2] Internet Security Systems, System Scanner information at http://www.iss.net
[3] Network Associates, CyberCop Scanner information at http://www.nai.com/asp_set/products/tns/ccscanner_intro.asp
[4] Ritchey, R.W., Ammann, P.: Using model checking to analyze network vulnerabilities. In: Proceedings 2000 IEEE Computer Society Symposium on Security and Privacy, Oakland, CA, May 2000, pp. 156–165 (2000)
[5] Cuppens, F., Miège, A.: Alert correlation in a cooperative intrusion detection framework. In: IEEE Symposium on Research in Security and Privacy, Oakland, May (2002)
[6] Ning, P., Cui, Y., Reeves, D.S.: Analyzing intensive intrusion alerts via correlation. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol. 2516, pp. 74–94. Springer, Heidelberg (2002)
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
Cite this paper
Sarda, K., Wijesekera, D., Jajodia, S. (2004). Implementing Consistency Checking in Correlating Attacks. In: Ghosh, R.K., Mohanty, H. (eds) Distributed Computing and Internet Technology. ICDCIT 2004. Lecture Notes in Computer Science, vol 3347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30555-2_44
DOI: https://doi.org/10.1007/978-3-540-30555-2_44
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24075-4
Online ISBN: 978-3-540-30555-2
eBook Packages: Computer Science, Computer Science (R0)