Automated Generation and Analysis of Attack Graphs
نویسندگان
چکیده
An integral part of modeling the global view of network security is constructing attack graphs. In practice, attack graphs are produced manually by Red Teams. Construction by hand, however, is tedious, error-prone, and impractical for attack graphs larger than a hundred nodes. In this paper we present an automated technique for generating and analyzing attack graphs. We base our technique on symbolic model checking [4] algorithms, letting us construct attack graphs automatically and efficiently. We also describe two analyses to help decide which attacks would be most costeffective to guard against. We implemented our technique in a tool suite and tested it on a small network example, which includes models of a firewall and an intrusion detection system.
منابع مشابه
A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs
To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also,...
متن کاملAn Ant Colony Optimization Algorithm for Network Vulnerability Analysis
Intruders often combine exploits against multiple vulnerabilities in order to break into the system. Each attack scenario is a sequence of exploits launched by an intruder that leads to an undesirable state such as access to a database, service disruption, etc. The collection of possible attack scenarios in a computer network can be represented by a directed graph, called network attack gra...
متن کاملSecure Bio-Cryptographic Authentication System for Cardless Automated Teller Machines
Security is a vital issue in the usage of Automated Teller Machine (ATM) for cash, cashless and many off the counter banking transactions. Weaknesses in the use of ATM machine could not only lead to loss of customer’s data confidentiality and integrity but also breach in the verification of user’s authentication. Several challenges are associated with the use of ATM smart card such as: card clo...
متن کاملتفسیر هیستوگرامهای اریتروسیتی بهدستآمده از دستگاههای خودکار هماتولوژی در بیماریهای خونی معمول
Background: Presently, the graphical data of blood cells (histograms and cytograms or/ scattergrams) that they are usually available in all modern automated hematology analyzers are an integral a part of automated complete blood count (CBC). To find incorrect results from automated hematology analyzer and establish the samples that require additional analysis, Laboratory employees will use thos...
متن کاملEntropy Generation of Variable Viscosity and Thermal Radiation on Magneto Nanofluid Flow with Dusty Fluid
The present work illustrates the variable viscosity of dust nanofluid runs over a permeable stretched sheet with thermal radiation. The problem has been modelled mathematically introducing the mixed convective condition and magnetic effect. Additionally analysis of entropy generation and Bejan number provides the fine points of the flow. The of model equations are transformed into non-linear or...
متن کامل