Name
Abstract | ||
|---|---|---|
Attack graphs represent the ways in which an adversary can exploit vulnerabilities to break into a system. System administrators analyze these attack graphs to understand where their system's weaknesses lie and to help decide which security measures will be effective to deploy. In practice, attack graphs are produced manually by Red Teams. Construction by hand, however, is tedious, error-prone, and impractical for attack graphs larger than a hundred nodes. In this talk I present a technique, based on model checking, for generating attack graphs automatically. I also describe different analyses that system administrators can perform in trading off one security measure for another or in using attack graphs in intrusion detection. Work on generating attack graphs is joint with Somesh Jha and Oleg Sheyner; on analyzing them, joint with Oleg Sheyner and Oren Dobzinski. |
Year | DOI | Venue |
|---|---|---|
2006 | 10.1145/1128817.1128822 | Computer and Communications Security |
Keywords | Field | DocType |
oleg sheyner,hundred node,security measure,attack graphs,oren dobzinski,minimization analysis,model checking,different analysis,attack graph,red teams,system administrator,attack graph generation,intrusion detection,somesh jha | Brute-force attack,Model checking,Computer science,Computer security,Exploit,Pre-play attack,Security Measure,Adversary,Intrusion detection system,Attack graph | Conference |
ISBN | Citations | PageRank |
1-59593-272-0 | 1 | 0.36 |
References | Authors | |
13 | 1 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Jeannette M. Wing | 1 | 6429 | 874.60 |