Remember Me
Or use your Academic/Social account:


Or use your Academic/Social account:


You have just completed your registration at OpenAire.

Before you can login to the site, you will need to activate your account. An e-mail will be sent to you with the proper instructions.


Please note that this site is currently undergoing Beta testing.
Any new content you create is not guaranteed to be present to the final version of the site upon release.

Thank you for your patience,
OpenAire Dev Team.

Close This Message


Verify Password:
Verify E-mail:
*All Fields Are Required.
Please Verify You Are Human:
fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Franqueira, Virginia Nunes Leal; van Eck, Pascal; Wieringa, Roel (2009)
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Languages: English
Types: Unknown
Subjects: I110

Classified by OpenAIRE into

arxiv: Computer Science::Cryptography and Security
Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • [1] R. A. Martin, “Managing Vulnerabilities in Networked Systems,” IEEE Computer Society Computer Magazine, vol. 34, no. 11, pp. 32-38, November 2001.
    • [2] O. Sheyner and J. Wing, “Tools for Generating and Analyzing Attack Graphs,” in In Proc. of Workshop on Formal Methods for Components and Objects, ser. LNCS 3188. Germany: Springer-Verlag, 2004, pp. 344-371.
    • [3] R. W. Ritchey and P. Ammann, “Using Model Checking to Analyze Network Vulnerabilities,” in SP'00: Proc. of the 2000 IEEE Symposium on Security and Privacy. Washington, DC, USA: IEEE Computer Society, 2000, pp. 156-165.
    • [4] B. Berard, M. Bidoit, A. Finkel, F. Laroussinie, A. Petit, L. Petrucci, and P. Schnoebelen, Systems and software verification: Model-checking techniques and tools. Berlin: Springer-Verlag, 2001.
    • [5] K. Ingols, R. Lippmann, and K. Piwowarski, “Practical attack graph generation for network defense,” in ACSAC '06: Proc. of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference. Washington, DC, USA: IEEE Computer Society, 2006, pp. 121-130.
    • [6] W. Li, R. B. Vaughn, and Y. S. Dandass, “An approach to model network exploitations using exploitation graphs,” Simulation, vol. 82, no. 8, pp. 523-541, 2006.
    • [7] P. Ammann, D. Wijesekera, and S. Kaushik, “Scalable, graph-based network vulnerability analysis,” in CCS '02: Proceedings of the 9th ACM conference on Computer and communications security. New York, NY, USA: ACM, 2002, pp. 217-224.
    • [8] S. Jajodia, S. Noel, and B. O'Berry, “Topological Analysis of Network Attack Vulnerability,” in Managing Cyber Threats: Issues, Approaches and Challenges. Germany: Springer-Verlag, 2005.
    • [9] L. P. Swiler, C. Phillips, D. Ellis, and S. Chakerian, “Computerattack graph generation tool,” in DISCEX II'01: DARPA Information Survivability Conference and Exposition Conference and Exposition, vol. 2. Washington, DC, USA: IEEE Computer Society, June 2001, pp. 307-321.
    • [10] X. Ou, W. F. Boyer, and M. A. McQueen, “A Scalable Approach to Attack Graph Generation,” in CCS '06: Proc. of the 13th ACM Conf. on Computer and Communications Security. New York, NY, USA: ACM, 2006, pp. 336-345, people.cis.ksu.edu/∼xou/publications/ccs06.pdf.
    • [11] J. Dawkins and J. Hale, “A Systematic Approach to Multi-Stage Network Attack Analysis,” in IWIA '04: Proc. of the 2nd IEEE Int. Information Assurance Workshop. Washington, DC, USA: IEEE Computer Society, 2004, pp. 48-56.
    • [12] “Skybox security inc.” 2008, http://www.skyboxsecurity.com/, accessed 16 Sept 2008.
    • [13] S. Noel and S. Jajodia, “Managing attack graph complexity through visual hierarchical aggregation,” in VizSEC/DMSEC '04: Proc. of the 2004 ACM workshop on Visualization and data mining for computer security. New York, NY, USA: ACM, 2004, pp. 109-118, http://doi. acm.org/10.1145/1029208.1029225.
    • [14] L. Williams, R. Lippmann, and K. Ingols, “An interactive attack graph cascade and reachability display,” in VizSEC'07: Proc. of the Workshop on Visualization for Computer Security. Springer-Verlag, October 2007, pp. 221-235.
    • [15] S. Noel and S. Jajodia, “Understanding Complex Network Attack Graphs through Clustered Adjacency Matrices,” in ACSAC '05: Proceedings of the 21st Annual Computer Security Applications Conference. Washington, DC, USA: IEEE Computer Society, 2005, pp. 160-169.
    • [16] V. N. L. Franqueira and R. H. C. Lopes, “Vulnerability Assessment by Learning Attack Specifications in Graphs,” in IAS'07: Proc. of the 3rd Int. Symposium on Information Assurance and Security), August 2007, pp. 161-164.
    • [17] M. Cremonini and D. Nizovtsev, “Understanding and Influencing Attackers Decisions: Implications for Security Investment Strategies,” in WEIS06: 5th Workshop on the Economics of Information Security, June 2006, http://weis2006.econinfosec.org/docs/3.pdf.
    • [18] L. Cardelli and A. D. Gordon, “Mobile Ambients,” in Foundations of Software Science and Computation Structures: First International Conference, FOSSACS'98, ser. LNCS, vol. 1378. Berlin Germany: Springer-Verlag, 1998, pp. 140-155.
    • [19] L. Cardelli, “Mobility and security,” in Proc. of the NATO Advanced Study Institute on Foundations of Secure Computation, ser. NATO Science Series, F. L. Bauer and R. Steinbrggen, Eds. Marktoberdorf, Germany: IOS Press, 27 July - 8 August 2000, pp. 3-37, lecture notes for Marktoberdorf Summer School 1999.
    • [20] A. Regev, E. M. Panina, W. Silverman, L.Cardelli, and E. Shapiro, “BioAmbients: An abstraction for biological compartments,” Theoretical Computer Science, Special Issue on Computational Methods in Systems Biology, vol. 325, no. 1, pp. 141-167, September 2004.
    • [21] R. Milner, “Pure bigraphs,” University of Cambridge, Tech. Rep. UCAM-CL-TR-614, January 2005.
    • [22] S. Brin and L. Page, “The anatomy of a large-scale hypertextual Web search engine,” Comput. Netw. ISDN Syst., vol. 30, no. 1-7, pp. 107-117, 1998.
    • [23] V. N. L. Franqueira, R. H. C. Lopes, and P. van Eck, “Multi-step Attack Modelling and Simulation (MsAMS) Framework based on Mobile Ambients,” in SAC'2009: Proc. of the 24th Annual ACM Symposium on Applied Computing. New York, NY, USA: ACM Press, March 2009, accepted for publication.
    • [24] NVD, “National vulnerability database v2,” http://nvd.nist.gov/. Visited 10-July-2008.
    • [25] V. N. L. Franqueira and M. van Keulen, “Analysis of the NIST database towards the composition of vulnerabilities in attack scenarios,” Centre for Telematics and Information Technology (CTIT), University of Twente, Enschede, The Netherlands, Tech. Rep. TR-CTIT-08-08, Feb. 2008.
    • [26] J. M. Kleinberg, “Authoritative Sources in a Hyperlinked Environment,” in In Proc. Ninth Ann. ACM-SIAM Symp. Discrete Algorithms. New York: ACM Press, 1998, pp. 668-677.
    • [27] A. N. Langville and C. D. Meyer, Google's PageRank and Beyond: The Science of Search Engine Rankings. Princeton Universty Press, 2006.
    • [28] V. N. L. Franqueira, R. H. C. Lopes, and P. van Eck, “Multi-step Attack Modelling and Simulation (MsAMS) Framework based on Mobile Ambients,” Centre for Telematics and Information Technology (CTIT), University of Twente, Enschede, The Netherlands, Tech. Rep. TR-CTIT08-44, Jun. 2008.
    • [29] J. A. Tomlin, “A new paradigm for ranking pages on the world wide web,” in WWW '03: Proc. of the 12th Int. Conf. on World Wide Web. New York, NY, USA: ACM, 2003, pp. 350-355.
  • No related research data.
  • Discovered through pilot similarity algorithms. Send us your feedback.

Share - Bookmark

Cite this article