Filters








18,313 Hits in 4.9 sec

Scalable, graph-based network vulnerability analysis

Paul Ammann, Duminda Wijesekera, Saket Kaushik
2002 Proceedings of the 9th ACM conference on Computer and communications security - CCS '02  
Even well administered networks are vulnerable to attack.  ...  Researchers have proposed a variety of graph-based algorithms to generate attack trees (or graphs).  ...  AN SCALABLE, GRAPH-BASED ALGO-RITHM FOR NETWORK ANALYSIS We treat vulnerabilities, attacker access privileges, and network connectivity in a way similar to other authors [13, 12] , but with some simplification  ... 
doi:10.1145/586139.586140 fatcat:etzbaaiokbeurkb776fhhis7c4

Scalable, graph-based network vulnerability analysis

Paul Ammann, Duminda Wijesekera, Saket Kaushik
2002 Proceedings of the 9th ACM conference on Computer and communications security - CCS '02  
Even well administered networks are vulnerable to attack.  ...  Researchers have proposed a variety of graph-based algorithms to generate attack trees (or graphs).  ...  AN SCALABLE, GRAPH-BASED ALGO-RITHM FOR NETWORK ANALYSIS We treat vulnerabilities, attacker access privileges, and network connectivity in a way similar to other authors [13, 12] , but with some simplification  ... 
doi:10.1145/586110.586140 dblp:conf/ccs/AmmannWK02 fatcat:cjhaym7crjfdliy2bixls35p5y

Performance Analysis of Scalable Attack Representation Models [chapter]

Jin B. Hong, Dong Seong Kim
2013 IFIP Advances in Information and Communication Technology  
Hence, we will consider graph-based attack models to compare the performance in the phases of attack models. Sheyner [10] used a full attack graph, but it had a scalability problem.  ...  To compare the scalability of the HARMs, we will consider different graph-based attack models (simplified AG, LAG, MPG, and TLAG) and compare their scalability in the construction and the evaluation phase  ... 
doi:10.1007/978-3-642-39218-4_25 fatcat:n25shpxa2zbq5fjnxz3ubudvpq

S3: A DFW-based Scalable Security State Analysis Framework for Large-Scale Data Center Networks

Abdulhakim Sabur, Ankur Chowdhary, Dijiang Huang, Myong H. Kang, Anya Kim, Alexander Velazquez
2019 International Symposium on Recent Advances in Intrusion Detection  
With an average network size approaching 8000 servers, datacenter networks need scalable security-state monitoring solutions.  ...  Our experimental analysis shows that S3 (i) reduces AG generation and analysis complexity by reducing AG's density compared to existing AG-based solutions; (ii) utilizes SDN-based DFW to provide a granular  ...  Scalable Attack Graph Generation Cost Analysis • L(G) (i,j): 0 otherwise. The application of DFW at different levels of the physical and logical network increases graph sparsity.  ... 
dblp:conf/raid/SaburCHKKV19 fatcat:7fj2gow2tvbkviqlqkujk7zy4i

Spatio-Temporal Attack Course-of-Action (COA) Search Learning for Scalable and Time-Varying Networks [article]

Haemin Lee, Seok Bin Son, Won Joon Yun, Joongheon Kim, Soyi Jung, Dong Hwa Kim
2022 arXiv   pre-print
Therefore, we propose a spatio-temporal attack COA search algorithm for scalable and time-varying networks.  ...  On top of the spatial search, a Monte-Carlo (MC)- based temporal approach is additionally considered for taking care of time-varying network behaviors.  ...  In this paper, a multi-host multi-stage vulnerability analysis tool (MULVAL) which is one of logic-based security analyzers is used [26] .  ... 
arXiv:2209.00862v1 fatcat:k2ah5hv4hfbxrboyxu3jjnm37q

A Scalable Attack Graph Generation for Network Security Management

Akinyemi Akinyemi, Jekoyemi Jekoyemi, Aladesanmi Aladesanmi, Aderounmu Aderounmu, Kamagat Kamagat
2018 Journal of Computer Science and Information Technology  
This paper addresses the scalability issues of Attack Graph generation by leveraging on graph theory background.  ...  The Attack Graphs are very cumbersome to visually understand as they grow exponentially when the size of the network increases or the number of hosts" vulnerabilities increases in a network.  ...  , there is a need to provide a more scalable Attack Graph which captures only the required problem area which the network administrator leverage on during the vulnerability analysis.  ... 
doi:10.15640/jcsit.v6n2a4 fatcat:o7pfetneevd4nmtf5t52zk3wxm

A Scalable, Vulnerability Modeling and Correlating Method for Network Security [chapter]

Xuejiao Liu, Debao Xiao, Nian Ma, Jie Yu
2009 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
Modeling provides a concise representation for expressing fact base such as host configuration, vulnerability information, and network topology.  ...  Transition rule is presented in scalable design, which enables highly efficient methods of vulnerability correlation algorithm.  ...  Model checker is served as a powerful inference engine for chaining together network exploits, and suffers from scalability problems. In this paper we revisit the work of graph-based analysis.  ... 
doi:10.1007/978-3-642-10485-5_16 fatcat:pg4vo5xcr5dlze3ros7knek2qq

A New Approach for Network Vulnerability Analysis

H. L. Vu, K. K. Khaw, T. Y. Chen
2014 Computer journal  
Unlike previous graph-based algorithms that generate attack trees (or graphs) to cover all possible sequences of vulnerabilities and therefore are not scalable, our method utilizes the attack graph's principles  ...  We propose in this paper a novel approach to analyze network vulnerability and to obtain a quantitative value representing the level of security achieved in an arbitrary network.  ...  Although automating makes it easier to analyze and evaluate the overall vulnerabilities of a network and its security, scalability remains the main concern for graph-based network vulnerability analysis  ... 
doi:10.1093/comjnl/bxt149 fatcat:k3y4cpkbnvcjxnyxfa2voldegi

Networks Security models Scalability Analysis

Kamal Aldin Yousif Yaseen
2019 Mağallaẗ al-ʿulūm al-handasiyyaẗ wa-al-tiknūlūğiyā al-maʿlūmāt  
case computational complexity analyses based on fully connected topology, but real life networked systems run on various network topologies, and other factors that affect the overall performances of security  ...  There is an emerging scalability problem with existing security models as the size of the networked systems becoming larger, especially when analyzing all possible attack scenarios. presented the worst  ...  This research shows the scalability of security models used for a large sized Networked system, A performance analysis was conducted to demonstrate how Different security models, namely the HARM and the  ... 
doi:10.26389/ajsrp.k270119 fatcat:2my5w7hiazbhnm6zlm5pk5uk6y

Model-based Cybersecurity Analysis: Past Work and Future Directions [article]

Simon Yusuf Enoch, Mengmeng Ge, Jin B. Hong, Dong Seong Kim
2021 arXiv   pre-print
Model-based evaluation in cybersecurity has a long history. Attack Graphs (AGs) and Attack Trees (ATs) were the earlier developed graphical security models for cybersecurity analysis.  ...  In this paper, we summarize and classify security models into the following; graph-based, tree-based, and hybrid security models.  ...  Hong and Kim [5] developed the hybrid model to improve the scalability of security models, where both the graph-based and tree-based models are used in different layers.  ... 
arXiv:2105.08459v2 fatcat:h57zv76asfhuhlg3qps54zcpoa

Advances in Topological Vulnerability Analysis

Steven Noel, Matthew Elder, Sushil Jajodia, Pramod Kalapa, Scott O'Hare, Kenneth Prole
2009 2009 Cybersecurity Applications & Technology Conference for Homeland Security  
The organization of networks and the interdependencies of vulnerabilities are so complex as to make traditional vulnerability analysis inadequate.  ...  We describe a Topological Vulnerability Analysis (TVA) approach that analyzes vulnerability dependencies and shows all possible attack paths into a network.  ...  Analysis and Visualization To make TVA attack graphs feasible for realistic networks, we need scalable mathematical representations and algorithms.  ... 
doi:10.1109/catch.2009.19 fatcat:55zoqgjmmvffzasat3rlw3ivla

A Framework for Automated Identification of Attack Scenarios on IT Infrastructures

Seyit Ahmet Camtepe, Karsten Bsufka, Leonhard Hennig, Cihan Simsek, Sahin Albayrak
2012 PIK - Praxis der Informationsverarbeitung und Kommunikation  
Instead networks should be continuously tested against possible attacks.  ...  Current incidents prove that it is not sufficient anymore to perform manual security tests of the IT infrastructure based on sporadic security audits.  ...  AUTOMATED IT SECURITY TESTING FRAMEWORK AND ITS COMPONENTS We propose a scalable and extensible framework interconnected with real network where attack analysis, risk analysis, and testing of mitigation  ... 
doi:10.1515/pik-2012-0005piko.2012.35.1.25 fatcat:rpvuepgxavcfxii3ykw4jtiwna

A Framework for Automated Identification of Attack Scenarios on IT Infrastructures

Seyit Ahmet Camtepe, Karsten Bsufka, Leonhard Hennig, Cihan Simsek, Sahin Albayrak
2012 PIK - Praxis der Informationsverarbeitung und Kommunikation  
Instead networks should be continuously tested against possible attacks.  ...  Current incidents prove that it is not sufficient anymore to perform manual security tests of the IT infrastructure based on sporadic security audits.  ...  AUTOMATED IT SECURITY TESTING FRAMEWORK AND ITS COMPONENTS We propose a scalable and extensible framework interconnected with real network where attack analysis, risk analysis, and testing of mitigation  ... 
doi:10.1515/pik-2012-0005 fatcat:xnet5mcw4bdrlpifpnp7p7lyai

Utilizing semantic big data for realizing a national-scale infrastructure vulnerability analysis system

Sangkeun Lee, Supriya Chinthavali, Sisi Duan, Mallikarjun Shankar
2016 Proceedings of the International Workshop on Semantic Big Data - SBD '16  
We argue that this architecture acts as a baseline to realize a national-scale network based vulnerability analysis system.  ...  Next, we present a generic system architecture and discuss challenges including: (1) Constructing and managing a CI network-of-networks graph, (2) Performing analytic operations at scale, and (3) Interactive  ...  The topology-based analysis aims to discover useful vulnerability analysis results based on the understanding of the structure of a graph.  ... 
doi:10.1145/2928294.2928295 dblp:conf/sigmod/LeeCDS16 fatcat:biolcgbtojcfja72ryoiqcj5ku

A Review on Network Attack Graph Technology

Bin-tao YUAN, Zu-lie PAN, Fan SHI
2018 DEStech Transactions on Engineering and Technology Research  
The attack graph technology mainly focuses on helping the administrator with network defense strategies, through making risk analysis in the network by assessing the vulnerable relationship among nodes  ...  Therefore, researchers come up with the attack graph technology, helping with locating important vulnerabilities and key nodes, to better analyze the state of the cyber security and reduce the strengthening  ...  TVA and Cauldron TVA (Topological Vulnerability Analysis) is a tool to automatically analyze the vulnerabilities in the network to generate the attack graph [23] .  ... 
doi:10.12783/dtetr/ecar2018/26351 fatcat:7b7eosy6d5g4jp2mkndul3mngq
« Previous Showing results 1 — 15 out of 18,313 results