论文信息 - Mapping Attack Paths in Black-Box Networks Through Passive Vulnerability Inference

Mapping Attack Paths in Black-Box Networks Through Passive Vulnerability Inference

Abstract : This project investigates stealthy techniques for mapping attack graphs through black- box networks. This provides a powerful new capability for network reconnaissance and attack planning, when open scanning is not an option. We employ purely passive inference, as well as new hybrid passive/active techniques that provide more comprehensive attack plans while maintaining nearly zero risk of detection. We infer network configuration (topology, devices, services, etc.), as well as functional semantics of network components for intelligent targeting. We map discovered network elements to potentially exploitable vulnerabilities.

Sushil Jajodia | Anup K. Ghosh | Steve Noel

[1] 송왕철,et al. IDS(Intrusion Detection System) , 2000 .

[2] Sushil Jajodia,et al. Advanced Vulnerability Analysis and Intrusion Detection through Predictive Attack Graphs , 2009 .

[3] John S. Heidemann,et al. Understanding passive and active service discovery , 2007, IMC '07.

[4] Richard Lippmann,et al. Experience Using Active and Passive Mapping for Network Situational Awareness , 2006, Fifth IEEE International Symposium on Network Computing and Applications (NCA'06).

[5] James B Kuntzelman. Comparative Analysis of Active and Passive Mapping Techniques in an Internet-Based Local Area Network , 2012 .

[6] Hervé Debar,et al. Improving security management through passive network observation , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[7] Sushil Jajodia,et al. Topological Vulnerability Analysis , 2010, Cyber Situational Awareness.