Impact Estimation using Data Flows over Attack Graphs
نویسنده
چکیده
We propose a novel approach to estimating the impact of an attack using a data model and an impact model on top of an attack graph. The data model describes how data flows between nodes in the network – how it is copied and processed by softwares and hosts – while the impact model models how exploitation of vulnerabilities affects the data flows with respect to the confidentiality, integrity and availability of the data. In addition, by assigning a loss value to a compromised data set, we can estimate the cost of a successful attack. We show that our algorithm not only subsumes the simple impact estimation used in the literature but also improves it by explicitly modeling loss value dependencies between network nodes. With our model, the operator will be able to use less time when comparing different security patches to a network.
منابع مشابه
An Estimation of The Impact of Economic Sanctions and Oil Price Shocks on Iran-Russian Trade: Evidence from a Gravity- VEC Approach
Abstract This article is an empirical attempt to explore the relationship between sanctions (financial and non-financial), oil price shocks and Iran-Russian bilateral trade flows over the period 1991–2014. In contrast to earlier studies in which a gravity model has been estimated through a panel data approach, in this paper the authors apply a gravity model for only two countries and do the es...
متن کاملEstimation of Discharge over the Submerged Compound Sharp-Crested Weir using Artificial Neural Networks and Genetic Programming
Truncated sharp crested weirs are used to measure flow rate and control upstream water surface in irrigation canals and laboratory flumes. The main advantages of such weirs are ease of construction and capability of measuring a wide range of flows with sufficient accuracy. Artificial neural networks (ANNs) and genetic programming (GP) have recently been used for estimation of hydraulic data. In...
متن کاملAssessing Security Risk to a Network Using a Statistical Model of Attacker Community Competence
We propose a novel approach for statistical risk modeling of network attacks that lets an operator perform risk analysis using a data model and an impact model on top of an attack graph in combination with a statistical model of the attacker community exploitation skill. The data model describes how data flows between nodes in the network – how it is copied and processed by softwares and hosts ...
متن کاملImpact of thermal radiation and viscous dissipation on hydromagnetic unsteady flow over an exponentially inclined preamble stretching sheet
The present numerical attempt deals the sway to transfer of heat and mass characteristics on the time-dependent hydromagnetic boundary layer flow of a viscous fluid over an exponentially inclined preamble stretching. Furthermore, the role of viscous heating, thermal radiation, uneven energy gain or loss, velocity slip, thermal slip and solutal slips are depicted. The prevailing time-dependent P...
متن کاملTowards Bandwidth Estimation Using Flow-Level Measurements
Bandwidth estimation is one of the prerequisite for efficient link dimensioning. In the past, several approaches to bandwidth estimation have been proposed, ranging from rules-of-thumb providing over-provisioning guidelines to mathematically backed-up provisioning formulas. The limitation of such approaches, in our eyes, is that they largely rely on packet-based measurements, which are almost u...
متن کامل