Ma Jun-chun,Wang Yong-jun,Sun Ji-yin,Chen Shan

DOI: https://doi.org/10.1016/j.proeng.2011.08.606

2011-01-01

Procedia Engineering

Abstract:In order to improve network's security, a minimum cost of network hardening model (MCNHM) based on attack graphs is presented. Firstly, the bidirectional-based search strategy is used to search the network vulnerabilities’ relationship, which improves the generation efficiency of attack graphs, and reduces the system resource consumption; Secondly, this model gives the formal definition of minimum-cost of network hardening; Finally, it combines attack graphs and genetic algorithm, and transforms the problem of minimum cost of network hardening to a non-restraint optimization problem with penalty by establishing the corresponding mathematical model, which guarantees the network security with the least cost. This model is an important component of the National High-Tech Research and Development Plan of China, under Grant No.2009AA01Z432, a great of experimental results show that this model can find the minimum cost of target network, so it can help network security managers carry on safety protection in pertinence, and has important practical significance.

Feng Chen,Ri Tu,Yi Zhang,Jinshu Su

DOI: https://doi.org/10.1109/ieec.2009.24

2010-01-01

Journal of Networks

Abstract:The compact attack graphs can implicitly reveal the potential threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromising given critical resources in enterprise networks with thousands of hosts. For security analysts, the challenge is how to analyze the complex attack graphs with possible ten thousands of nodes for defending the security of network. In the paper, we will essentially discuss two issues about it. The first is to compute non-loop attack paths with the distance less than the given number that the real attacker may take in realistic attack scenarios. The second is how to measure security risk. Two scalable approaches are proposed to solve the above two issues respectively. These approaches are proved to have a polynomial time complexity and can scale to the attack graphs with ten thousands of nodes corresponding to large enterprise networks.

Feng Chen,Ri Tu,Yi Zhang,Jinshu Su

DOI: https://doi.org/10.1109/NSWCTC.2009.268

2009-01-01

Abstract:The compact attack graphs implicitly reveal the threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromising given critical resources in enterprise networks with thousands of hosts. For security analysts, the challenge is how to analyze the complex attack graphs with possible ten thousands of nodes for defending the security of network. In the paper, we will essentially discuss two issues about it. The first is to compute non-loop attack paths with the distance less than the given number that the real attacker may take practically in realistic attack scenarios. The second is to find the solution to removing vulnerabilities in such a way that given critical resources cannot be compromised while the cost for such removal incurs the least cost. We propose two scalable approaches to solve the above two issues respectively. These two approaches are proved to have a polynomial time complexity and can scale to the attack graphs with ten thousands of nodes corresponding large enterprise networks.

Feng Chen,Jinshu Su

DOI: https://doi.org/10.1109/ISECS.2008.122

2008-01-01

Abstract:The previous approaches to measuring network security are most based on the hypothesis that the related source data can be known well and truly. But in practice,it is very difficult to obtain all the related accurate source data [22]. In this paper, we propose a flexible approach based on attack graphs to measuring security of crucial resources in vulnerable network, which could bring out the accurate result of measuring network security with incomplete input data. Another key improvement is presenting the backward iterative algorithm to solve the problem of cyclic attack paths in measuring security using attack graphs. At the same time, the simulation experiment demonstrates the algorithm can be applied to the large attack graphs.

Anming Xie,Zhuhua Cai,Cong Tang,Jianbin Hu,Zhong Chen

DOI: https://doi.org/10.1109/ACSAC.2009.22

2009-01-01

Abstract:Attack graphs play important roles in analyzing network security vulnerabilities, and previous works have provided meaningful conclusions on the generation and security measurement of attack graphs. However, it is still hard for us to understand attack graphs in a large network, and few suggestions have been proposed to prevent inside malicious attackers from attacking networks. To address these problems, we propose a novel approach to generate and describe attack graphs. Firstly, we construct a two-layer attack graph, where the upper layer is a hosts access graph and the lower layer is composed of some host-pair attack graphs. Compared with previous works, our attack graph has simpler structures, and reaches the best upper bound of computation cost in O(N2). Furthermore, we introduce the adjacency matrix to efficiently evaluate network security, with overall evaluation results presented by gray scale images vividly. Thirdly, by applying prospective damage and important weight factors on key hosts with crucial resources, we can create prioritized lists of potential threatening hosts and stepping stones, both of which can help network administrators to harden network security. Analysis on computation cost shows that the upper bound computation cost of our measurement methodology is O(N3), which could also be completed in real time. Finally, we give some examples to show how to put our methods in practice.

Rahul Chandran,Wei Q. Yan

DOI: https://doi.org/10.4018/ijdcf.2014010103

2014-01-01

International Journal of Digital Crime and Forensics

Abstract:The development of technology in computer networks has boosted the percentage of cyber-attacks today. Hackers are now able to penetrate even the strongest IDS and firewalls. With the help of anti-forensic techniques, attackers defend themselves, from being tracked by destroying and distorting evidences. To detect and prevent network attacks, the main modus of operandi in network forensics is the successful implementation and analysis of attack graph from gathered evidences. This paper conveys the main concepts of attack graphs, requirements for modeling and implementation of graphs. It also contributes the aspect of incorporation of anti-forensic techniques in attack graph which will help in analysis of the diverse possibilities of attack path deviations and thus aids in recommendation of various defense strategies for better security. To the best of our knowledge, this is the first time network anti-forensics has been fully discussed and the attack graphs are employed to analyze the network attacks. The experimental analysis of anti-forensic techniques using attack graphs were conducted in the proposed test-bed which helped to evaluate the model proposed and suggests preventive measures for the improvement of security of the networks.

Feng YAN,Shu-fen LIU,Huang LENG

DOI: https://doi.org/10.3969/j.issn.0372-2112.2014.12.20

2014-01-01

Abstract:Attack graph analysis is an effective tool for analyzing network vulnerability,representing the process that attack-ers penetrate networks using the complex interdependence between vulnerabilities and network configurations .In this paper,we prove the equivalence of the optimization security measure problem and the weighted hitting set problem,and present the method which converts the optimization security measure problem to the weighted hitting set problem on the premise of not increasing the problem scale .Theoretical analysis and experiments show that the method based on conversion has better performance than the method based on critical attack sets in converging to the global optimal solution .

Anmin Xie,Cong Tang,Nike Gui,Zhuhua Cai,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1109/ICC.2010.5502655

2010-01-01

Abstract:To protect our networks against malicious intrusions, we need to evaluate these networks security. Previous works on attack graphs have provided meaningful conclusions on security measurement. However, large attack graphs are still hard to be understood vividly, and few suggestions have been proposed to prevent inside malicious attackers from attacking networks. To address these problems, we propose a novel approach to evaluate network security based on adjacency matrixes, which are constructed from existing attack graphs. With our model, we use gray scale images to show overall security vividly, and get quantitative evaluation scores. Moreover, we create a prioritized list of potential threatening hosts, which can help network administrators to harden network step by step. Analysis on computation cost shows that the upper bound computation cost of our measurement methodology is O(N3), which could be completed in real time. We also give an example to show how to put our methods in practice.

Yonggang Wang,Nike Gui,Jian-bin Hu,CHEN Zhong

DOI: https://doi.org/10.1007/978-90-481-3662-9_22

2010-01-01

Abstract:For solving scalability problem of Network Attack Graph(NAG), this paper presents a new method for network modeling based on layered NAG. Layered NAG includes "attack subgraph" and "attack supergraph". The attack subgraph describes specific attack scenarios from the source host to the destination host and efficiently produces the attack planning after eliminating redundant paths and nodes. The attack supergraph describes the attacker's privilege transition to allow the network administrator to evaluate the vulnerabilities of the network.

Orly Stan,Ron Bitton,Michal Ezrets,Moran Dadon,Masaki Inokuchi,Yoshinobu Ohta,Tomohiko Yagyu,Yuval Elovici,Asaf Shabtai

DOI: https://doi.org/10.48550/arXiv.1906.10943

2019-06-26

Abstract:Selecting the optimal set of countermeasures is a challenging task that involves various considerations and tradeoffs such as prioritizing the risks to mitigate and costs. The vast majority of studies for selecting a countermeasure deployment are based on a limited risk assessment procedure that utilizes the common vulnerability scoring system (CVSS). Such a risk assessment procedure does not necessarily consider the prerequisites and exploitability of a specific asset, cannot distinguish insider from outsider threat actor, and does not express the consequences of exploiting a vulnerability as well as the attacker's lateral movements. Other studies applied a more extensive risk assessment procedure that relies on manual work and repeated assessment. These solutions however, do not consider the network topology and do not specify the optimal position for deploying the countermeasures, and therefore are less practical. In this paper we suggest a heuristic search approach for selecting the optimal countermeasure deployment under a given budget limitation. The proposed method expresses the risk of the system using an extended attack graph modeling, which considers the prerequisites and consequences of exploiting a vulnerability, examines the attacker's potential lateral movements, and express the physical network topology as well as vulnerabilities in network protocols. In addition, unlike previous studies which utilizes attack graph for countermeasure planning, the proposed methods does not require re-generating the attack graph at each stage of the procedure, which is computationally heavy, and therefore it provides a more accurate and practical countermeasure deployment planning process.

Cryptography and Security

Anming Xie,Guodong Chen,Yonggang Wang,Zhong Chen,Jianbin Hu

2009-01-01

Abstract:To address the scalability problem in attack graphs generation, we propose a novel method to generate attack graphs automatically. Our approach constructs a two- tier attack graph framework, which includes a host access graph and some sub-attack graphs .A sub-attack graph describes concrete attack scenarios from one source host to one target host, while the host access graph describes the attacker's privilege transition among hosts. Our sub-attack graphs and host access graph have remarkable smaller scales and can help network administrators to find the key hosts in attack sequences. Analysis shows that the upper bound computational cost of our model is O(N 3 ), which could also be competed in real time. The following experiment validates our approach. Keywords-network security; attack graphs; host access graph; sub-attack graph; I. INTRODUCTION

Anming Xie,Guodong Chen,Yonggang Wang,Zhong Chen,Jianbin Hu

DOI: https://doi.org/10.1109/SSIRI.2009.32

2009-01-01

Abstract:To address the scalability problem in attack graphs generation, we propose a novel method to generate attack graphs automatically. Our approach constructs a two- tier attack graph framework, which includes a host access graph and some sub-attack graphs. A sub-attack graph describes concrete attack scenarios from one source host to one target host, while the host access graph describes the attacker's privilege transition among hosts. Our sub-attack graphs and host access graph have remarkable smaller scales and can help network administrators to find the key hosts in attack sequences. Analysis shows that the upper bound computational cost of our model is O(N3), which could also be competed in real time. The following experiment validates our approach.

XU Li,YUAN Yi,XUE Zhi

DOI: https://doi.org/10.3969/j.issn.1009-8054.2011.04.020

2011-01-01

Abstract:A large amount of security loophole is one of the important causes leading to the severe general security situation. The study on network security assessment is thus of significant practical importance. This paper describes in detail the method for building up the attack graph model, and gives an auto-generating algorithm of attack graph. An approach by using mathematic model to analyze attack graph for security assessment of network is proposed. With a virtual network environment, the method is verified. The proposed approach is of practical significance in the Study of attack graph.

Chi Lin,Guowei Wu,Xiaochen Lai,Tie Qiu

DOI: https://doi.org/10.1007/978-3-319-27137-8_30

2015-01-01

Abstract:In node capture attacks, an attacker intellectually captures nodes and extracts cryptographic keys from their memories to wreck security, reliability and confidentiality of wireless sensor networks. Previous methods suffered from low attacking efficiency and neglected resource expenditure. A novel method of modeling the node capture attack is proposed aiming at maximizing destructiveness while minimizing resource expenditure. We convert routing paths into abstracted vertexes and formalize hybrid graph model for the network. A property called destructive value is defined for expressing the destructiveness of attacking a node. We develop a Greedy AttaCking algoRithm named GACR on the hybrid graph. An attacker is able to maximize the destructiveness of the attack while constructing the shortest Hamiltonian cycle to reduce resource expenditure. At last, extensive simulations are conducted to show the advantages of our scheme. Simulation results demonstrate that, GACR can reduce the attacking times, enhance the attacking efficiencies and save energy cost in compromising the network.

Sebastian Wandelt,Xiaoqian Sun,Xianbin Cao

DOI: https://doi.org/10.1080/23249935.2015.1089953

2015-10-21

Abstract:Maintaining robustness is a key challenge for present and future air transportation. The analysis of network robustness is a time-demanding task, whose complexity increases with the size of networks. Accordingly, network attacks are often built on network metrics, for instance, attacking the nodes in decreasing order of their degree or betweenness. Albeit the results can be insightful, there is no guarantee regarding the quality or optimality of these attacks. In this paper, we propose a new exploration/exploitation search technique for a computationally efficient attacking model, adapted from general game playing. We propose an incremental solution for the efficient computation of robustness measures, by exploiting the network similarity before and after executing an attack, and thus, avoiding redundant computations. We define four tasks in the attacking model: Static attack, interactive attack, dynamic attack, and finding the best attack. The analysis of real-world air transportation networks reveals that commonly used network metric-based attacking strategies are already suboptimal for short attacks of length two. Our computationally efficient attacking model contributes to scalable analysis of robustness, not only for air transportation, but also for networks in general.

Yan Liao

DOI: https://doi.org/10.12694/scpe.v25i1.2254

2024-01-04

Abstract:Insufficient communication attack defense capabilities within industrial control networks is a serious problem that is addressed in this study. The author proposes a methodology that focuses on creating attack graphs to ease security and vulnerability studies in industrial control network systems in order to address this issue. The article provides thorough construction guidance and techniques for attack graphs, which are used for penetration testing and vulnerability analysis of networks for industrial control systems. On the created attack graph, experimental evaluations utilizing the ``earthquake net'' virus were carried out. The findings point to four main attack routes where the ``Zhenwang'' virus is most likely going to attack and cause the most damage. With a loss value of 12.2 and an attack success chance of 0.096, the first path involves cumulative attack stages. The second path consists of cumulative attack steps, with a loss value of 10.2 and an attack success probability of 0.072. The third path encompasses cumulative attack steps, with a loss value of 16.6 and an attack success probability of 0.063. The fourth path comprises cumulative attack steps, with a loss value of 18.6 and an attack success probability of 0.084.

Xiaochun Xiao,Tiange Zhang,Huan Wang,Gendu Zhang

DOI: https://doi.org/10.1109/fitme.2008.123

2008-01-01

Abstract:Going beyond vulnerability scanning tools that make lists of known vulnerabilities locating on given individual hosts, attack graphs identify all possible attack paths that end in a state where an attacker has successfully achieved his goal. But the algorithmic complexity grows exponential in the size of the network. The access graph is proposed as a complement to the attack graph approach which is host-centric and grows polynomially with the number of hosts and so has the benefit of being computationally feasible on large networks. In this paper, we propose a novel component-centric access graph. Based on the modeling substrates for network, hosts, vulnerabilities and the component-centric access graph, the access graph generation algorithm and a number of ways the security administrator can use the resulting access graph to help secure the network are discussed. Compared with related works, our approach improves the performance and further reduces the computational cost.

Diksha Goel

2023-09-22

Abstract:With the burgeoning advancements of computing and network communication technologies, network infrastructures and their application environments have become increasingly complex. Due to the increased complexity, networks are more prone to hardware faults and highly susceptible to cyber-attacks. Therefore, for rapidly growing network-centric applications, network resilience is essential to minimize the impact of attacks and to ensure that the network provides an acceptable level of services during attacks, faults or disruptions. In this regard, this thesis focuses on developing effective approaches for enhancing network resilience. Existing approaches for enhancing network resilience emphasize on determining bottleneck nodes and edges in the network and designing proactive responses to safeguard the network against attacks. However, existing solutions generally consider broader application domains and possess limited applicability when applied to specific application areas such as cyber defense and information diffusion, which are highly popular application domains among cyber attackers. This thesis aims to design effective, efficient and scalable techniques for discovering bottleneck nodes and edges in the network to enhance network resilience in cyber defense and information diffusion application domains. We first investigate a cyber defense graph optimization problem, i.e., hardening active directory systems by discovering bottleneck edges in the network. We then study the problem of identifying bottleneck structural hole spanner nodes, which are crucial for information diffusion in the network. We transform both problems into graph-combinatorial optimization problems and design machine learning based approaches for discovering bottleneck points vital for enhancing network resilience.

Cryptography and Security,Machine Learning

Yonglin Sun,Yongjun Wang,Xin Hu,Zhanrui Ren,Jie Liu

2011-01-01

Abstract:Computer networks are inevitably attacked as a result of their openness, while network attack usually actualized by exploiting vulnerability existing in network environment. Attack graph, consisted of lots of related atomic attacks, can fully display the exploitation and dependence relations among all of the vulnerabilities existed in network. Thus, it is a very useful tool for network vulnerability analysis and network security evaluation. However, the prevalent Attacker's Ability Monotonic Assumption (AAMA) constraint for attack graph generation could not make full use of the direction of network attack and the hierarchy of defense. As a result, using AAMA to constraint the process of attack graph generation is not only inefficient but also couldn't reduce the complexity of attack graph, especially for large-scale complicated network. According to lots of experiment and theoretical analysis, we found that it is mainly the existence of Circuitous Attack Paths (CAP) in attack graph lead to it complexity and the low efficiency of generation. To address this problem, we proposed the concept of Network Security Gradient (NSG) to reflect the direction of the network attack and the hierarchy of defense, and the Gradient Attack Assumption (GAA) to constraint the process of attack graph generation for the purpose of avoiding CAPs. Testified by a case study, using the GAA to constraint the process of attack graph generation can destruct those circuitous attack paths, therefore, is an effective way to improve the efficiency of attack graph generation and reduce the complexity of attack graph, and make it more useful for vulnerability analysis and network security evaluation.

Xiaochun Xiao,Tiange Zhang,Gendu Zhang

DOI: https://doi.org/10.1109/paciia.2008.183

2008-01-01

Abstract:Protecting computer network security is critical today. Many graph-based approaches have been proposed to analyze network vulnerabilities. Attack Graph is the most influential one. But attack graphs grow exponentially with the size of the network. In this paper, we propose a comprehensive framework for network vulnerabilities modeling and analysis based on the access graph. As a complement to the attack graph approach, the access graph is host-centric approach, which grows polynomially with the number of hosts and so has the benefit of being computationally feasible on large networks. Compared with related works, our approach improves in both performance and computational cost.