Towards scalable security analysis using multi-layered security models

Security models, such as an attack graph (AG), are widely adopted to assess the security of networked systems, such as utilizing various security metrics and providing a cost-effective network hardening solution. There are various methods of generating these models, but the scalability problem exists for single-layered graph-based security models when analyzing all possible attack paths. To address this problem, we propose to use a multi-layer hierarchical attack representation model (HARM) that models various components in the networked system in different layers to reduce the computational complexity. First, we formulate key questions that need to be answered to assess the scalability of security models. Second, we formally define the multi-layer HARM. Last, we conduct experiments to show the scalability of security models. Our experimental results show that using the HARM can improve the scalability of assessing the security of the networked system significantly in comparison to the single-layered security models in various network scenarios.

[1]  R. Sawilla,et al.  Partial cuts in attack graphs for cost effective network defence , 2012, 2012 IEEE Conference on Technologies for Homeland Security (HST).

[2]  Richard Lippmann,et al.  Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR , 2010, VizSec '10.

[3]  Jin B. Hong,et al.  Scalable security analysis in hierarchical attack representation model using centrality measures , 2013, 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W).

[4]  Xinming Ou,et al.  Improving Attack Graph Visualization through Data Reduction and Attack Grouping , 2008, VizSEC.

[5]  Jin B. Hong,et al.  What Vulnerability Do We Need to Patch First? , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.

[6]  Xinming Ou,et al.  A scalable approach to attack graph generation , 2006, CCS '06.

[7]  Jeannette M. Wing,et al.  An Attack Surface Metric , 2011, IEEE Transactions on Software Engineering.

[8]  John Hale,et al.  A systematic approach to multi-stage network attack analysis , 2004, Second IEEE International Information Assurance Workshop, 2004. Proceedings..

[9]  Claes Wohlin,et al.  Experimentation in Software Engineering , 2012, Springer Berlin Heidelberg.

[10]  P. Mell,et al.  SP 800-145. The NIST Definition of Cloud Computing , 2011 .

[11]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[12]  Barbara Kordy,et al.  DAG-based attack and defense modeling: Don't miss the forest for the attack trees , 2013, Comput. Sci. Rev..

[13]  Jin B. Hong,et al.  Scalable Security Models for Assessing Effectiveness of Moving Target Defenses , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.

[14]  Jin B. Hong,et al.  Performance Analysis of Scalable Attack Representation Models , 2013, SEC.

[15]  Vamsi Paruchuri,et al.  Threat modeling using attack trees , 2008 .

[16]  Richard Lippmann,et al.  Practical Attack Graph Generation for Network Defense , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[17]  Yi Zhang,et al.  A Scalable Approach to Analyzing Network Security using Compact Attack Graphs , 2010, J. Networks.

[18]  K. Popovic,et al.  Cloud computing security issues and challenges , 2010, The 33rd International Convention MIPRO.

[19]  Andrew W. Appel,et al.  MulVAL: A Logic-based Network Security Analyzer , 2005, USENIX Security Symposium.

[20]  Sushil Jajodia,et al.  Managing attack graph complexity through visual hierarchical aggregation , 2004, VizSEC/DMSEC '04.

[21]  Indrajit Ray,et al.  Optimal security hardening using multi-objective optimization on attack tree models of networks , 2007, CCS '07.

[22]  William H. Sanders,et al.  Automatic Generation of Security Argument Graphs , 2014, 2014 IEEE 20th Pacific Rim International Symposium on Dependable Computing.

[23]  Richard P. Lippmann,et al.  An Annotated Review of Past Papers on Attack Graphs , 2005 .

[24]  Zhong Chen,et al.  Evaluating Network Security With Two-Layer Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.

[25]  Jianwen Xiang,et al.  Composing hierarchical stochastic model from SysML for system availability analysis , 2013, 2013 IEEE 24th International Symposium on Software Reliability Engineering (ISSRE).

[26]  Dong Seong Kim,et al.  Scalable optimal countermeasure selection using implicit enumeration on attack countermeasure trees , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[27]  Sushil Jajodia,et al.  Understanding complex network attack graphs through clustered adjacency matrices , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[28]  Edmund M. Clarke,et al.  Ranking Attack Graphs , 2006, RAID.

[29]  Eric Dubois,et al.  A Systematic Approach to Define the Domain of Information System Security Risk Management , 2010, Intentional Perspectives on Information Systems Engineering.

[30]  Cynthia A. Phillips,et al.  A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[31]  Duminda Wijesekera,et al.  Scalable, graph-based network vulnerability analysis , 2002, CCS '02.

[32]  Youki Kadobayashi,et al.  Exploring attack graph for cost-benefit security hardening: A probabilistic approach , 2013, Comput. Secur..

[33]  Jin B. Hong,et al.  Scalable Security Model Generation and Analysis Using k-importance Measures , 2013, SecureComm.

[34]  Lingyu Wang,et al.  A Heuristic Approach to Minimum-Cost Network Hardening Using Attack Graph , 2008, 2008 New Technologies, Mobility and Security.

[35]  Richard Lippmann,et al.  Modeling Modern Network Attacks and Countermeasures Using Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.

[36]  Sumit Ghosh,et al.  A fundamental framework for network security , 1997 .

[37]  Saeed Jalili,et al.  A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs , 2010, ISC Int. J. Inf. Secur..

[38]  Indrajit Ray,et al.  Dynamic Security Risk Management Using Bayesian Attack Graphs , 2012, IEEE Transactions on Dependable and Secure Computing.

[39]  William H. Sanders,et al.  Go with the flow: toward workflow-oriented security assessment , 2013, NSPW '13.

[40]  Jin B. Hong,et al.  HARMs: Hierarchical Attack Representation Models for Network Security Analysis , 2012, AISM 2012.

[41]  Sandeep K. Sood,et al.  A combined approach to ensure data security in cloud computing , 2012, J. Netw. Comput. Appl..