Performance Analysis of Scalable Attack Representation Models

被引:0
作者
Hong, Jin B. [1 ]
Kim, Dong Seong [1 ]
机构
[1] Univ Canterbury, Comp Sci & Software Engn, Christchurch 1, New Zealand
来源
SECURITY AND PRIVACY PROTECTION IN INFORMATION PROCESSING SYSTEMS | 2013年 / 405卷
关键词
Attack Graph; Attack Tree; Complexity Analysis; Security Model; Scalability;
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Attack graphs (AGs) have been widely used for security analysis. The construction of the graph-based attack models including the AG have been studied, but the security evaluation considering the full attack paths cannot be computed using existing attack models due to the scalability problem. To solve this, we propose to use hierarchical attack representation models (HARMs). First, we formulate key questions that need to be answered to compare the scalability of existing attack models. We show the scalability of the HARMs via simulations, by taking into account practical attack scenario based on various network topologies.
引用
收藏
页码:330 / 343
页数:14
相关论文
共 23 条
[11]   Host-Centric Model Checking for Network Vulnerability Analysis [J].
Hewett, Rattikorn ;
Kijsanayothin, Phongphun .
24TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2008, :225-234
[12]  
Hong J., 2012, P 10 AUSTR INF SEC M
[13]   Practical attack graph generation for network defense [J].
Ingols, Kyle ;
Lippmann, Richard ;
Piwowarski, Keith .
22ND ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2006, :121-+
[14]   Modeling Modern Network Attacks and Countermeasures Using Attack Graphs [J].
Ingols, Kyle ;
Chu, Matthew ;
Lippmann, Richard ;
Webster, Seth ;
Boyer, Stephen .
25TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, 2009, :117-126
[15]  
Noel S, 2005, 21st Annual Computer Security Applications Conference, Proceedings, P145
[16]  
Noel S., 2004, VizSEC/DMSEC '04: Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security, New York, NY, USA, P109
[17]  
Ou X., 2006, P 13 ACM C COMPUTER, P336, DOI DOI 10.1145/1180405.1180446
[18]   On credibility of simulation studies of telecommunication networks [J].
Pawlikowski, K ;
Jeong, HDJ ;
Lee, JSR .
IEEE COMMUNICATIONS MAGAZINE, 2002, 40 (01) :132-139
[19]   Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees [J].
Roy, Arpan ;
Kim, Dong Seong ;
Trivedi, Kishor S. .
SECURITY AND COMMUNICATION NETWORKS, 2012, 5 (08) :929-943
[20]  
Sawilla RE, 2008, LECT NOTES COMPUT SC, V5283, P18
123