Attack Tree Visualization for Cyber Security Situational Awareness

نویسندگان

  • M. Selvi
  • E. B. Aksu
  • M. H. Dilek
  • A. Erkan
  • M. U. Demirezen
چکیده

Situational awareness in cyber domain is one of the key features for quick and accurate decision making and anomaly detection. In order to provide situational awareness, certain methods have been introduced so far and attack graph is one of them. Attack graphs help the security analyst to visualize the network topology and understand typical vulnerability and exploit behaviors in cyber domain (e.g., IT asset and the network). They provide more proactive view compared to other reactive views; hence risk management and evaluation can be done in an efficient and interactive fashion. Attack trees can be used for various purposes since they can map network assets, network attacks and possible vulnerabilities which may exist in the IT assets. This study introduces an integrated cyber security capability called, BSGS, which can help analysts to create attack trees, identify vulnerabilities and have effective risk assessment procedures. In this way, the cyber security specialists will have a more efficient and holistic way to assess their environments and take the most effective precautions to minimize cyber risks.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Public-Private-Partnership Model for Na- tional Cyber Situational Awareness

The information age has led to the merger of various infrastructures, from both business and governmental sectors and their functions, such as information technology, communication and transport systems, banking and finance, energy supply and process control systems. The protection of these systems is essential to resilience and reliability of critical infrastructures and their key resources, c...

متن کامل

Designing a Cyber Attack Information System for National Situational Awareness

Information and communication technology (ICT) systems underpin many of today’s societal functions and economic development. Consequently, protecting a nation’s ICT infrastructure from deliberate cyber attacks and unintentional disruptions is of paramount importance. Collaboration among all parties across all domains of cyberspace is the key to effective and coordinated effort to cope with cybe...

متن کامل

Analysis and Assessment of Situational Awareness Models for National Cyber Security Centers

National cyber security centers (NCSCs) are gaining more and more importance to ensure the security and proper operations of critical infrastructures (CIs). As a prerequisite, NCSCs need to collect, analyze, process, assess and share security-relevant information from infrastructure operators. A vital capability of mentioned NCSCs is to establish Cyber Situational Awareness (CSA) as a precondit...

متن کامل

Cyber situational awareness through network anomaly detection: state of the art and new approaches

With a major change in the attack landscape, away from well known attack vectors towards unique and highly tailored attacks, limitations of common ruleand signature-based security systems become more and more obvious. Novel security mechanisms can provide the means to extend existing solutions in order to provide a more sophisticated security approach. As critical infrastructures get increasing...

متن کامل

NetSecRadar: A Visualization System for Network Security Situational Awareness

Situational awareness is defined as the ability to effectively determine an overall computer network status based on relationships between security events in multiple dimensions. Unfortunately, as the lack of tools to synthetically analyze the security logs generated by kinds of network security products, such as NetFlow, Firewall and Host Security, it is difficult to monitor and perceive netwo...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2014