Title :
Exploit-based Analysis of Attack Models
Author :
Kijsanayothin, Phongphun ; Hewett, Rattikorn
Author_Institution :
Dept. of Electr. & Comput. Eng., Naresuan Univ., Phitsanulok, Thailand
Abstract :
Protecting network-accessible resources from unauthorized use requires understanding of network vulnerability. Building attack models as chains of vulnerability exploits by an attacker can help locate flaws to prevent attacks. This paper presents an approach to automatically analyzing security attack models called exploit-based analysis. By using knowledge about exploitability of network vulnerabilities combined with a Markov computational process commonly used in link analysis, exploit based analysis ranks nodes in the attack model in order of their likelihoods of being compromised. The paper discusses the details of the approach, illustrates its use, and compares results with an existing technique.
Keywords :
Markov processes; authorisation; computer network security; telecommunication links; Markov computational process; attack prevention; automatic security attack model analysis; exploit-based attack model analysis; link analysis; network vulnerability exploitability; network-accessible resources; node ranking; Adaptation models; Algorithm design and analysis; Analytical models; Complexity theory; Computational modeling; Knowledge engineering; Security; Attack graphs; network security; network vulnerability; ranking algorithm; security models;
Conference_Titel :
Network Computing and Applications (NCA), 2013 12th IEEE International Symposium on
Conference_Location :
Cambridge, MA
Print_ISBN :
978-0-7695-5043-5
DOI :
10.1109/NCA.2013.18
