Authors: Richard Lippmann, Kyle Ingols, Chris Scott, Keith Piwowarski, Kendra Kratkiewicz
DOI: 10.1109/MILCOM.2006.302434
Keywords:
Abstract: Defense in depth is a common strategy that uses layers of firewalls to protect Supervisory Control and Data Acquisition (SCADA) subnets and other critical resources on enterprise networks. A tool named NetSPA is presented that analyzes firewall rules and vulnerabilities to construct attack graphs. These show how inside and outside attackers can progress by successively compromising exposed and vulnerable hosts with the goal of reaching internal targets. NetSPA generates attack graphs and automatically analyzes them to produce a small set of prioritized recommendations to restore defense in depth. Field trials on networks with up to 3,400 hosts demonstrate that firewalls often do not provide defense in depth due to misconfigurations and unpatched hosts. In all cases, a small number of recommendations was provided to restore defense in depth. Simulations on networks with up to 50,000 hosts demonstrate that this approach scales well to enterprise-size networks.