|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
2009 Annual Computer Security Applications Conference
Modeling Modern Network Attacks and Countermeasures Using Attack Graphs
Honolulu, Hawaii
December 07-December 11
ISBN: 978-0-7695-3919-5
| ASCII Text | x | ||
| Kyle Ingols, Matthew Chu, Richard Lippmann, Seth Webster, Stephen Boyer, "Modeling Modern Network Attacks and Countermeasures Using Attack Graphs," Computer Security Applications Conference, Annual, pp. 117-126, 2009 Annual Computer Security Applications Conference, 2009. | |||
| BibTex | x | ||
| @article{ 10.1109/ACSAC.2009.21, author = {Kyle Ingols and Matthew Chu and Richard Lippmann and Seth Webster and Stephen Boyer}, title = {Modeling Modern Network Attacks and Countermeasures Using Attack Graphs}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {2009}, issn = {1063-9527}, pages = {117-126}, doi = {http://doi.ieeecomputersociety.org/10.1109/ACSAC.2009.21}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - CONF JO - Computer Security Applications Conference, Annual TI - Modeling Modern Network Attacks and Countermeasures Using Attack Graphs SN - 1063-9527 SP117 EP126 A1 - Kyle Ingols, A1 - Matthew Chu, A1 - Richard Lippmann, A1 - Seth Webster, A1 - Stephen Boyer, PY - 2009 KW - network reachability KW - network defense KW - SCAP KW - attack graph KW - attack tree VL - 0 JA - Computer Security Applications Conference, Annual ER - | |||
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ACSAC.2009.21
By accurately measuring risk for enterprise networks, attack graphs allow network defenders to understand the most critical threats and select the most effective countermeasures. This paper describes substantial enhancements to the NetSPA attack graph system required to model additional present-day threats (zero-day exploits and client-side attacks) and countermeasures (intrusion prevention systems, proxy firewalls, personal firewalls, and host-based vulnerability scans). Point-to-point reachability algorithms and structures were extensively redesigned to support "reverse" reachability computations and personal firewalls. Host-based vulnerability scans are imported and analyzed. Analysis of an operational network with 84 hosts demonstrates that client-side attacks pose a serious threat. Experiments on larger simulated networks demonstrated that NetSPA's previous excellent scaling is maintained. Less than two minutes are required to completely analyze a four-enclave simulated network with more than 40,000 hosts protected by personal firewalls.
Index Terms:
network reachability, network defense, SCAP, attack graph, attack tree
Citation:
Kyle Ingols, Matthew Chu, Richard Lippmann, Seth Webster, Stephen Boyer, "Modeling Modern Network Attacks and Countermeasures Using Attack Graphs," acsac, pp.117-126, 2009 Annual Computer Security Applications Conference, 2009
Usage of this product signifies your acceptance of the Terms of Use.