Cited By
View all- Kalogeraki EPapastergiou SPanayiotopoulos T(2022)An Attack Simulation and Evidence Chains Generation Model for Critical Information InfrastructuresElectronics10.3390/electronics1103040411:3(404)Online publication date: 28-Jan-2022
A simulation-driven approach for assessing risks of complex systems
Pages 35 - 40
Abstract
The most critical steps in the risk assessment of a system are the discovery of attacks against the system as well as the computation of the probabilities that attacks are successful and their impacts. We present a framework to support these steps driven by a detailed simulation of the attacks implemented by intelligent threat agents. The framework can evaluate the role of factors such as the probability of discovering a vulnerability, the resources available to agents, how an agent composes attacks into plans to reach a goal. The agents and their plans are described through a proper extension of attack graphs. A simulation defined in terms of attack graphs can fully exploit an important feature of these graphs, namely their ability of describing both attack plans and the countermeasures to stop these plans. Furthermore, a simulation-driven approach can evaluate how the availability of information about the system implementation influences the success of attack plans. Finally, we describe the tools that implement the simulation and that produce statistics about both attack plans that have been successfully implemented and the resulting risk for the system owner.
References
[1]
F. Baiardi, C. Telmon, and D. Sgandurra. Hierarchical, Model-based Risk Management of Critical Infrastructures. Reliability Engineering & System Safety, 94(9):1403--1415, 2009.
[2]
M. Bouissou and J. Bon. A new formalism that combines advantages of fault-trees and Markov models: Boolean logic Driven Markov Processes. Reliability Engineering & System Safety, 82(2):149--163, 2003.
[3]
S. Camtepe and B. Yener. Modeling and detection of complex attacks. In Security and Privacy in Communications Networks and the Workshops, 2007. SecureComm 2007. Third International Conference on, pages 234--243. IEEE, 2007.
[4]
S. Epstein and A. Rauzy. Can we trust pra? Reliability Engineering & System Safety, 88(3):195--205, 2005.
[5]
L. A. Gordon and M. P. Loeb. The economics of information security investment. ACM Trans. Inf. Syst. Secur., 5:438--457, November 2002.
[6]
S. Jha, O. Sheyner, and J. Wing. Two formal analyses of attack graphs. In In Proceedings of the 15th Computer Security Foundation Workshop, pages 49--63, 2002.
[7]
W. Lee, D. Grosh, and F. Tillman. Fault tree analysis, methods, and applications- a review. IEEE transactions on reliability, 1985.
[8]
R. Lippmann, K. Ingols, C. Scott, K. Piwowarski, K. Kratkiewicz, M. Artz, and R. Cunningham. Validating and restoring defense in depth using attack graphs. In Proceedings of the 2006 IEEE conference on Military communications, MILCOM'06, pages 981--990, Piscataway, NJ, USA, 2006. IEEE Press.
[9]
S. Mauw and M. Oostdijk. Foundations of attack trees. Information Security and Cryptology-ICISC 2005, pages 186--198, 2006.
[10]
S. Noel, E. Robertson, and S. Jajodia. Correlating intrusion events and building attack scenarios through attack graph distances. In Proceedings of the 20th Annual Computer Security Applications Conference, ACSAC '04, pages 350--359, Washington, DC, USA, 2004. IEEE Computer Society.
[11]
S. Pudar, G. Manimaran, and C.-C. Liu. Penet: A practical method and tool for integrated modeling of security attacks and countermeasures. Computers & Security, 28(8):754--771, 2009.
[12]
O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. M. Wing. Automated generation and analysis of attack graphs. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 273--, Washington, DC, USA, 2002. IEEE Computer Society.
[13]
L. Swiler, C. Phillips, D. Ellis, and S. Chakerian. Computer-attack graph generation tool. In DARPA Information Survivability Conference Exposition II, 2001. DISCEX '01. Proceedings, volume 2, pages 307--321 vol. 2, 2001.
[14]
S. Zhang and S. Song. A Novel Attack Graph Posterior Inference Model Based on Bayesian Network. Journal of Information Security, 2:8--27, 2011.
Index Terms
- A simulation-driven approach for assessing risks of complex systems
Recommendations
Security assessment of clickjacking risks in web applications: metrics based approach
SAC '15: Proceedings of the 30th Annual ACM Symposium on Applied ComputingClickjacking attacks steal user clicks through the generation of webpages overlaying legitimate webpages. These attacks redirect user clicks to attacker controlled webpages. Redirection of clicks can cause various unwanted activities and damages to ...
Assessing vulnerability exploitability risk using software properties
Attacks on computer systems are now attracting increased attention. While the current trends in software vulnerability discovery indicate that the number of newly discovered vulnerabilities continues to be significant, the time between the public ...
Agent-based simulation for assessing network security risk due to unauthorized hardware
ADS '15: Proceedings of the Symposium on Agent-Directed SimulationComputer networks are present throughout all sectors of our critical infrastructure and these networks are under a constant threat of cyber attack. One prevalent computer network threat takes advantage of unauthorized, and thus insecure, hardware on a ...
Comments
Information & Contributors
Information
Published In
Copyright © 2011 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 11 May 2011
Check for updates
Author Tags
Qualifiers
- Research-article
Funding Sources
Conference
EWDC '11
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 127Total Downloads
- Downloads (Last 12 months)4
- Downloads (Last 6 weeks)0
Reflects downloads up to 25 Feb 2025
Other Metrics
Citations
Cited By
View all- Kalogeraki EPapastergiou SPanayiotopoulos T(2022)An Attack Simulation and Evidence Chains Generation Model for Critical Information InfrastructuresElectronics10.3390/electronics1103040411:3(404)Online publication date: 28-Jan-2022
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in