Performance Analysis of Scalable Attack Representation Models

被引：0

作者：

Hong, Jin B. ^{[1
]}

Kim, Dong Seong ^{[1
]}

机构：

[1] Univ Canterbury, Comp Sci & Software Engn, Christchurch 1, New Zealand

来源：

SECURITY AND PRIVACY PROTECTION IN INFORMATION PROCESSING SYSTEMS | 2013年 / 405卷

关键词：

Attack Graph; Attack Tree; Complexity Analysis; Security Model; Scalability;

D O I：

暂无

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Attack graphs (AGs) have been widely used for security analysis. The construction of the graph-based attack models including the AG have been studied, but the security evaluation considering the full attack paths cannot be computed using existing attack models due to the scalability problem. To solve this, we propose to use hierarchical attack representation models (HARMs). First, we formulate key questions that need to be answered to compare the scalability of existing attack models. We show the scalability of the HARMs via simulations, by taking into account practical attack scenario based on various network topologies.

引用

页码：330 / 343

页数：14

共 23 条

[11] Host-Centric Model Checking for Network Vulnerability Analysis
Hewett, Rattikorn
Kijsanayothin, Phongphun
[J]. 24TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2008, : 225 - 234
[12] Hong J., 2012, P 10 AUSTR INF SEC M
[13] Practical attack graph generation for network defense
Ingols, Kyle
Lippmann, Richard
Piwowarski, Keith
[J]. 22ND ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2006, : 121 - +
[14] Modeling Modern Network Attacks and Countermeasures Using Attack Graphs
Ingols, Kyle
Chu, Matthew
Lippmann, Richard
Webster, Seth
Boyer, Stephen
[J]. 25TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, 2009, : 117 - 126
[15] Noel S, 2005, 21st Annual Computer Security Applications Conference, Proceedings, P145
[16] Noel S., 2004, VizSEC/DMSEC '04: Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security, New York, NY, USA, P109
[17] Ou X., 2006, P 13 ACM C COMPUTER, P336, DOI DOI 10.1145/1180405.1180446
[18] On credibility of simulation studies of telecommunication networks
Pawlikowski, K
Jeong, HDJ
Lee, JSR
[J]. IEEE COMMUNICATIONS MAGAZINE, 2002, 40 (01) : 132 - 139
[19] Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees
Roy, Arpan
Kim, Dong Seong
Trivedi, Kishor S.
[J]. SECURITY AND COMMUNICATION NETWORKS, 2012, 5 (08) : 929 - 943
[20] Sawilla RE, 2008, LECT NOTES COMPUT SC, V5283, P18

← 1 2 3 →