Advanced Cyber Attack Modeling Analysis and Visualization

Authors: Sushil Jajodia, Steven Noel

DOI:

Keywords: Cyber-attack, Visualization, Information assurance, Side channel attack, Computer science, Information security, Network security, Adjacency matrix, Exploit, Computer security

Abstract: This project delivers an approach for visualization, correlation, and prediction of potentially large complex attack graphs. These graphs show multi-step cyber attacks against networks, based on system vulnerabilities, network connectivity, potential attacker exploits. We introduce a new paradigm graph analysis that augments the traditional graph-centric view, adjacency matrices. In our approach, includes all known paths, while still keeping complexity manageable. It supports pre-attack hardening, correlation detected events, origin/impact post-attack responses. The goal this is to transform quantities security data into actionable intelligence. utility organizing combinations as well established. Traditionally, such have been formed manually by red teams (penetration testers). demonstrated capability computational generation graphs, rather than relying manual creation. models conditions Because vulnerability interdependencies across topological needed, especially proactive defense insidious attacks. treats events in isolation, without context provided clearly insufficient.
