An analysis approach for multi-stage network attacks

Author

Wang, Ying-mei ; Liu, Zeng-liang ; Cheng, Xiang-yun ; Zhang, Ke-jun

Author_Institution

Sch. of Inf. Eng., Univ. of Sci. & Technol., Beijing, China

Volume

7

fYear

2005

fDate

18-21 Aug. 2005

Firstpage

3949

Abstract

To understand overall vulnerability to network attack, one must consider attacker behavior not just in isolation, but also within its wider context. A M-FSM model was proposed for the multi-stage vulnerable operations. The goal of this M-FSM is to analyze how the implemented step-by-step operation, or more precisely each step activity within the whole operation, contributes to an attack goal. This model can be used to identify attack paths to critical network resources. From these attack paths an expression for network safety in terms of the initial configuration can be derived. Subsequently, the system manager can take measures to strengthen the network.

Keywords

computer network management; finite state machines; risk management; security of data; attack model; attack path; finite state machine; multistage network attacks; network attacker behavior; network resources; network safety; network vulnerability; risk assessment; Automata; Communication system security; Electronic mail; Government; Information analysis; Information security; Intrusion detection; Isolation technology; Laboratories; National security; Attack Model; Finite State Machine; Multi-stage Attack; Risk Assessment;

fLanguage

English

Publisher

ieee

Conference_Titel

Machine Learning and Cybernetics, 2005. Proceedings of 2005 International Conference on

Conference_Location

Guangzhou, China

Print_ISBN

0-7803-9091-1

Type

conf

DOI

10.1109/ICMLC.2005.1527628

Filename

1527628