A Structural Framework for Modeling Multi-Stage Network Attacks

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Kristopher Daley Articles by Ryan Larson Articles by Jerald Dawkins

2002 International Conference on Parallel Processing Workshops (ICPPW'02)

Vancouver, B.C., Canada

August 18-August 21

ISBN: 0-7695-1680-7

	ASCII Text	x
	Kristopher Daley, Ryan Larson, Jerald Dawkins, "A Structural Framework for Modeling Multi-Stage Network Attacks," Parallel Processing Workshops, International Conference on, pp. 5, 2002 International Conference on Parallel Processing Workshops (ICPPW'02), 2002.

	BibTex	x
	@article{ 10.1109/ICPPW.2002.1039705, author = {Kristopher Daley and Ryan Larson and Jerald Dawkins}, title = {A Structural Framework for Modeling Multi-Stage Network Attacks}, journal ={Parallel Processing Workshops, International Conference on}, volume = {0}, year = {2002}, issn = {1530-2016}, pages = {5}, doi = {http://doi.ieeecomputersociety.org/10.1109/ICPPW.2002.1039705}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Parallel Processing Workshops, International Conference on TI - A Structural Framework for Modeling Multi-Stage Network Attacks SN - 1530-2016 SP EP A1 - Kristopher Daley, A1 - Ryan Larson, A1 - Jerald Dawkins, PY - 2002 KW - null VL - 0 JA - Parallel Processing Workshops, International Conference on ER -

Kristopher Daley, University of Tulsa

Ryan Larson, University of Tulsa

Jerald Dawkins, University of Tulsa

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICPPW.2002.1039705

Incidents such as Solar Sunrise and Nimda demonstrate the need to expressively model distributed and complex network attacks. To protect information systems, system administrators must be able to represent vulnerabilities in a way that lends itself to correlation, analysis, and prediction.

State of the art intrusion detection and attack analysis systems struggle to effectively represent sophisticated attacks. Strategic models express exploits as goal-oriented attack trees. Attack trees represent adversarial behavior by connecting events in ?AND?-?OR? tree structures. However, these structures need to be enhanced and expressed in a formal manner in order to adequately represent the complexity of recent cyber attacks. This paper provides a methodology for capturing the structure of various network vulnerabilities and multi-stage attacks. By extending the attack tree paradigm, we provide a context sensitive attack modeling framework that, through abstraction, supports incident correlation, analysis, and prediction.

Citation:

Kristopher Daley, Ryan Larson, Jerald Dawkins, "A Structural Framework for Modeling Multi-Stage Network Attacks," icppw, pp.5, 2002 International Conference on Parallel Processing Workshops (ICPPW'02), 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.