Attack Modelling and Security Evaluation for Security Information and Event Management

The paper considers an approach to attack modelling in Security Information and Event Management (SIEM) systems. The suggested approach incorporates the use of service dependency graphs and zero-day vulnerabilities to produce an attack graph, the calculation of security metrics based on the attack graph and service dependencies, and advanced any-time techniques for attack graph generation and security evaluation, etc.
