Abstract | ||
---|---|---|
Business or military missions are supported by hardware and software systems. Unanticipated cyber activities occurring in supporting systems can impact such missions. In order to quantify such impact, we describe a layered graphical model as an extension of forensic investigation. Our model has three layers: the upper layer models operational tasks that constitute the mission and their inter-dependencies. The middle layer reconstructs attack scenarios from available evidence to reconstruct their inter-relationships. In cases where not all evidence is available, the lower level reconstructs potentially missing attack steps. Using the three levels of graphs constructed in these steps, we present a method to compute the impacts of attack activities on missions. We use NIST National Vulnerability Database's (NVD)-Common Vulnerability Scoring System (CVSS) scores or forensic investigators' estimates in our impact computations. We present a case study to show the utility of our model. |
Year | Venue | Field |
---|---|---|
2017 | IEEE Conference on Communications and Network Security | Data mining,CVSS,National Vulnerability Database,Computer science,Computer security,Software system,NIST,Graphical model,Vulnerability,Cloud computing,Computation |
DocType | ISSN | Citations |
Conference | 2474-025X | 0 |
PageRank | References | Authors |
0.34 | 0 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Changwei Liu | 1 | 41 | 6.92 |
Anoop Singhal | 2 | 576 | 168.78 |
Duminda Wijesekera | 3 | 1464 | 141.54 |