A graph-based system for network-vulnerability analysis

Authors: Cynthia Phillips, Laura Painton Swiler

DOI: 10.1145/310889.310919

Abstract: This paper presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific asset, or examine the universe of possible consequences following a successful attack. The tool can identify the set of attack paths that have a high probability of success (or a low effort cost) for the attacker. The system could be used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc. The system requires as input a database of common attacks, broken into atomic steps, topology information, and an attacker profile. This information is matched with the attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.
