An Integrated Network Scanning Tool for Attack Graph Construction

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 6646)

Abstract

Scanning is essential for gathering information about the actual state of computer systems or networks. Therefore, it is always taken as the first step of potential attacks against targets. In certain cases, scanning itself is categorized as an attack. On the other hand, scanning can be used for the right purposes, for example, checking system configurations, verifying firewall rules, proving security policies, and monitoring large-scale network environments. From this point of view, scanning is an effective method for system or network management, security measurement, and auditing. To visualize, analyze, and finally evaluate the data gathered by scanners, the attack graph plays an important role. High-quality information about the target system or network is the prerequisite for constructing the attack graph. However, different implementations of scanners have different capabilities and always result in different kinds of outputs. These outputs are usually heterogeneous and not machine-readable, which makes further analysis a challenging task. In this paper, we examine common types of scanners and demonstrate how to combine multiple types of scanners. The results of all the involved scanners are integrated into a well-designed and consistent data structure, which can not only be well interpreted by human security specialists but also be directly fed into an attack graph construction tool.




© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cheng, F., Roschke, S., Meinel, C. (2011). An Integrated Network Scanning Tool for Attack Graph Construction. In: Riekki, J., Ylianttila, M., Guo, M. (eds) Advances in Grid and Pervasive Computing. GPC 2011. Lecture Notes in Computer Science, vol 6646. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20754-9_15

  • DOI: https://doi.org/10.1007/978-3-642-20754-9_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-20753-2

  • Online ISBN: 978-3-642-20754-9

  • eBook Packages: Computer Science, Computer Science (R0)
