In this work we present a prototype for simulating computer network attacks. Our objective is to simulate large networks (thousands of hosts, with applications and vulnerabilities) while remaining realistic from the attacker’s point of view. The foundation for the simulator is a model of computer intrusions, based on the analysis of real world attacks. In particular we show how to interpret vul...

Abstract Wireless sensor networks (WSN) were cataloged as one of the most important emerging technologies last century and are considered basis Internet Things paradigm. However, an undeniable disadvantage WSN is that resources available for these types networks, such processing capacity, memory, battery, usually in short supply. This limitation implements security mechanisms a difficult task. ...

Traditional model checking produces one counterexample to illustrate a violation of a property by a model of the system. Some applications benefit from having all counterexamples, not just one. We call this set of counterexamples a scenario graph. In this chapter we present two different algorithms for producing scenario graphs and explain how scenario graphs are a natural representation for at...

We discuss the security of Message Authentication Code (MAC) schemes from the viewpoint of differential attack, and propose an attack that is effective against DES-MAC and FEAL-MAC. The attack derives the secret authentication key in the chosen plaintext scenario. For example, DES(8-round)-MAC can be broken with 2 pairs of plaintext, while FEAL8-MAC can be broken with 2 pairs. The proposed atta...

In this article, a modeling process is defined to address challenges in analyzing attack scenarios and mitigating vulnerabilities in networked environments. Known system vulnerability data, system configuration data, and vulnerability scanner results are considered to create exploitation graphs (e-graphs) that are used to represent attack scenarios. Experiments carried out in a cluster computin...

Intrusion alert correlation is multi-step processes that receives alerts from heterogeneous log resources as input and produce a high-level description of the malicious activity on the network. The objective of this study is to analyse the current alert correlation technique and identify the significant criteria in each technique that can improve the Intrusion Detection System (IDS) problem suc...

Because of the threat of advanced multi-step attacks, it is often difficult for security operators to completely cover all vulnerabilities when deploying remediations. Deploying sensors to monitor attacks exploiting residual vulnerabilities is not sufficient and new tools are needed to assess the risk associated to the security events produced by these sensors. Although attack graphs were propo...