Exploit-based Analysis of Attack Models

Author

Kijsanayothin, Phongphun ; Hewett, Rattikorn

Author_Institution

Dept. of Electr. & Comput. Eng., Naresuan Univ., Phitsanulok, Thailand

fYear

2013

fDate

22-24 Aug. 2013

Firstpage

183

Lastpage

186

Abstract

Protecting network-accessible resources from unauthorized use requires understanding of network vulnerability. Building attack models as chains of vulnerability exploits by an attacker can help locate flaws to prevent attacks. This paper presents an approach to automatically analyzing security attack models called exploit-based analysis. By using knowledge about exploitability of network vulnerabilities combined with a Markov computational process commonly used in link analysis, exploit based analysis ranks nodes in the attack model in order of their likelihoods of being compromised. The paper discusses the details of the approach, illustrates its use, and compares results with an existing technique.

Keywords

Markov processes; authorisation; computer network security; telecommunication links; Markov computational process; attack prevention; automatic security attack model analysis; exploit-based attack model analysis; link analysis; network vulnerability exploitability; network-accessible resources; node ranking; Adaptation models; Algorithm design and analysis; Analytical models; Complexity theory; Computational modeling; Knowledge engineering; Security; Attack graphs; network security; network vulnerability; ranking algorithm; security models;

fLanguage

English

Publisher

ieee

Conference_Titel

Network Computing and Applications (NCA), 2013 12th IEEE International Symposium on

Conference_Location

Cambridge, MA

Print_ISBN

978-0-7695-5043-5

Type

conf

DOI

10.1109/NCA.2013.18

Filename

6623661