Scalable Security Model Generation and Analysis Using k-importance Measures

Attack representation models (ARMs), such as attack graphs and attack trees, can be used to model and assess the security of a networked system. To do this, one must first generate an ARM. However, generation and evaluation of the ARM suffer from a scalability problem when the networked system is very large (e.g., 10,000 computer hosts in a network with a complex topology). The main reason is that computing all possible attack scenarios to cover all aspects of an attack results in a state space explosion. One idea is to use only the important hosts and vulnerabilities in the networked system to generate the model and evaluate security. We propose to use k-importance measures to generate a two-layer hierarchical ARM that improves the scalability, in terms of computational complexity, of model generation and security evaluation. We use the k1 most important hosts, ranked by network centrality measures, and the k2 most significant vulnerabilities of each host, ranked by host security metrics. We show that a security analysis equivalent to that of an exhaustive search can be achieved using our approach (using k-importance measures).
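A sketch of the k-importance idea described above, added here as an illustration and not taken from the paper: it keeps the k1 highest-centrality hosts in the upper layer and the k2 highest-scored vulnerabilities per host in the lower layer, then compares the riskiest attack path against the exhaustive model. Degree centrality, the 0-10 severity scores, the product-based path risk, the rule that the attacker and target are always kept, and the whole sample network are assumptions made for this example.

```python
# Added illustration; topology, scores and the risk formula are constructed assumptions.
TOPOLOGY = {  # undirected host reachability
    "attacker": ["web1", "web2"], "web1": ["attacker", "app", "printer"],
    "web2": ["attacker", "app"], "app": ["web1", "web2", "db", "backup"],
    "printer": ["web1"], "backup": ["app"], "db": ["app"],
}
VULNS = {  # host -> [(placeholder id, severity score 0-10)]
    "web1": [("vuln-A", 9.8), ("vuln-B", 4.3)], "web2": [("vuln-C", 5.0)],
    "app": [("vuln-D", 7.5), ("vuln-E", 6.1), ("vuln-F", 2.1)],
    "printer": [("vuln-G", 3.0)], "backup": [], "db": [("vuln-H", 8.8)],
}

def build_harm(topology, vulns, k1, k2, source, target):
    """Return (upper, lower): host graph on the k1 highest-degree hosts and
    the k2 highest-scored vulnerabilities of each kept host."""
    candidates = [h for h in topology if h not in (source, target)]
    ranked = sorted(candidates, key=lambda h: (-len(topology[h]), h))
    kept = set(ranked[:k1]) | {source, target}  # endpoints always kept
    upper = {h: [n for n in topology[h] if n in kept] for h in kept}
    lower = {h: sorted(vulns.get(h, []), key=lambda v: -v[1])[:k2] for h in kept}
    return upper, lower

def attack_paths(upper, lower, source, target):
    """Enumerate simple host paths in which every host after the source
    has at least one vulnerability in the lower layer."""
    paths, stack = [], [[source]]
    while stack:
        path = stack.pop()
        if path[-1] == target:
            paths.append(path)
            continue
        for nxt in upper[path[-1]]:
            if nxt not in path and lower.get(nxt):
                stack.append(path + [nxt])
    return paths

def path_risk(path, lower):
    """Assumed metric: product of each host's highest score, scaled to 0..1."""
    risk = 1.0
    for host in path[1:]:
        risk *= max(score for _, score in lower[host]) / 10
    return risk

def riskiest(upper, lower, source, target):
    paths = attack_paths(upper, lower, source, target)
    return max(((path_risk(p, lower), p) for p in paths), default=(0.0, []))

if __name__ == "__main__":
    full = build_harm(TOPOLOGY, VULNS, len(TOPOLOGY), 99, "attacker", "db")
    small = build_harm(TOPOLOGY, VULNS, 2, 1, "attacker", "db")
    print(riskiest(*full, "attacker", "db"), riskiest(*small, "attacker", "db"))
```

With k1 = 2 and k2 = 1 the reduced model enumerates one path instead of two yet reports the same riskiest path and score as the exhaustive model; on this constructed network that holds because the pruned hosts and vulnerabilities do not lie on the highest-risk path.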
