ABSTRACT
Attack graphs represent the ways in which an adversary can exploit vulnerabilities to break into a system. System administrators analyze these attack graphs to understand where their system's weaknesses lie and to help decide which security measures will be effective to deploy. In practice, attack graphs are produced manually by Red Teams. Construction by hand, however, is tedious, error-prone, and impractical for attack graphs larger than a hundred nodes. In this talk I present a technique, based on model checking, for generating attack graphs automatically. I also describe different analyses that system administrators can perform in trading off one security measure for another or in using attack graphs in intrusion detection. Work on generating attack graphs is joint with Somesh Jha and Oleg Sheyner; on analyzing them, joint with Oleg Sheyner and Oren Dobzinski.