Automated generation and analysis of attack graphs
作者: O. Sheyner , J. Haines , S. Jha , R. Lippmann , J.M. Wing
DOI: 10.1109/SECPRI.2002.1004377
关键词:
摘要: An integral part of modeling the global view network security is constructing attack graphs. Manual graph construction tedious, error-prone, and impractical for graphs larger than a hundred nodes. In this paper we present an automated technique generating analyzing We base our on symbolic model checking algorithms, letting us construct automatically efficiently. also describe two analyses to help decide which attacks would be most cost-effective guard against. implemented in tool suite tested it small example, includes models firewall intrusion detection system.
computer.org
sci-hub.se 参考文章(24)
Giovanni Vigna, Richard A. Kemmerer, NetSTAT: a network-based intrusion detection system Journal of Computer Security. ,vol. 7, pp. 37- 71 ,(1999) , 10.3233/JCS-1999-7103
Eugene H. Spafford, Daniel Farmer, The COPS Security Checker System USENIX Summer. pp. 165- 170 ,(1990)
Somesh Jha, Oleg Sheyner, Jeannette Marie Wing, Minimization and Reliability Analyses of Attack Graphs ,(2002)
Frédéric Cuppens, Rodolphe Ortalo, LAMBDA: A Language to Model a Database for Detection of Attacks recent advances in intrusion detection. pp. 197- 216 ,(2000) , 10.1007/3-540-39945-3_13
Robert P. Kurshan, Computer-Aided Verification of Coordinating Processes: The Automata-Theoretic Approach ,(1995)
Tim Bray, Jean Paoli, C. M. Sperberg-McQueen, Extensible markup language World Wide Web. ,vol. 2, pp. 29- 66 ,(1997) , 10.5555/274784.273625
Tim Bray, Jean Paoli, C. M. Sperberg-McQueen, Extensible Markup Language (XML). World Wide Web. ,vol. 2, pp. 27- 66 ,(1997)
Alessandro Cimatti, Edmund Clarke, Fausto Giunchiglia, Marco Roveri, NUSMV: a new symbolic model checker International Journal on Software Tools for Technology Transfer. ,vol. 2, pp. 410- 425 ,(2000) , 10.1007/S100090050046
Michael Randolph Garey, Johnson: computers and intractability: a guide to the theory of np- completeness (freeman ,(1979)
Michael R. Garey, David S. Johnson, Computers and Intractability: A Guide to the Theory of NP-Completeness ,(1979)