Parametric Attack Graph Construction and Analysis⋆
نویسنده
چکیده
We present the first steps towards an implementation of attack graph construction and analysis technique based on inference rules. In our model, XML credentials describe basic attacks to the system, then inference rules allow composition of new attacks. We aim at modifying previously developed algorithm for the analysis of transitive trust models to the analysis of attack graphs. Important peculiarity of our model is exploitation of c-semirings for evaluation of system security level. Csemirings allow an application of the same algorithms for an analysis of attack graphs regardless of what metric is selected for the evaluation.
منابع مشابه
An Ant Colony Optimization Algorithm for Network Vulnerability Analysis
Intruders often combine exploits against multiple vulnerabilities in order to break into the system. Each attack scenario is a sequence of exploits launched by an intruder that leads to an undesirable state such as access to a database, service disruption, etc. The collection of possible attack scenarios in a computer network can be represented by a directed graph, called network attack gra...
متن کاملA particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs
To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also,...
متن کاملReal-Time intrusion detection alert correlation and attack scenario extraction based on the prerequisite consequence approach
Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...
متن کاملCommon fixed point results for graph preserving mappings in parametric $N_b$-metric spaces
In this paper, we discuss the existence and uniqueness of points of coincidence and common fixed points for a pair of graph preserving mappings in parametric $N_b$-metric spaces. As some consequences of this study, we obtain several important results in parametric $b$-metric spaces, parametric $S$-metric spaces and parametric $A$-metric spaces. Finally, we provide some illustrative examples to ...
متن کاملOn the computational complexity of finding a minimal basis for the guess and determine attack
Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, we present a relation between the minimum numbers of the guessed bits and uniquely restricted...
متن کامل