In this paper, we consider an active cyber attack model for assessing vulnerabilities in a network system. By simulating the cyber attack model against the network system, we can identify vulnerabilities and provide appropriate countermeasures against them. Our model consists of two agents, two modules, and an action controller in the on-line system, and an attack damage assessment analyzer in the off-line system. Because we apply the 'Sensor to Shooter' concept to our model and separate the information collection agent from the attack agent to reduce attack action time, we can minimize the probability of detection by the target system. One module analyzes the target system's information. The other module develops the target system and main point of impact, and builds an attack scenario consisting of an attack tree and attack patterns. Attack action agents execute the set of attack sequences, which consists of the attack patterns in each node of the attack tree. The action controller controls the entire execution process of our model's elements.