Scalable Attack Representation Model Using Logic Reduction Techniques

Automated construction methods for attack graphs (AGs) and their improved attack representation models (ARMs) have been proposed, but AGs suffer from state space explosion when analysing the security of very large networked systems. Attack trees (ATs) and their improved ARMs (e.g., Defense Trees, Protection Trees, Attack Response Trees, and Attack Countermeasure Trees) can be used instead, because they are non-state-space models. However, there are no known methods to construct ATs automatically in a scalable manner while maintaining all possible attack scenarios. One option is to use an AG generation tool and transform the AG into an AT using min-cuts. However, this method requires a transformation (i.e., an overhead), and computing min-cuts is an NP-hard problem. Another way is to construct ATs directly from given network information. A naive approach is to compute all possible attack paths and populate the AT branches using logic gates (e.g., AND and OR gates), but this method generates an exponential number of nodes, causing a scalability problem. We propose two logic reduction techniques to automate AT construction and to reduce the size of the AT. The computational complexity is calculated. The simulation results show the construction time for the naive method and the two logic reduction techniques. The trade-off between the construction time and the memory usage of simplified ATs is also shown.
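The naive construction described above, as an added example that is not code from the paper: it enumerates every attack path into an OR-of-ANDs tree and measures the node count. The `shared_at` reduction, the tuple encoding of gates and the layered test network are assumptions made for illustration; `shared_at` is a generic sub-tree sharing scheme for acyclic networks, not either of the paper's two techniques.

```python
def attack_paths(graph, src, dst, path=()):  # yields every simple path src -> dst
    path += (src,)
    if src == dst:
        yield path
        return
    for nxt in graph.get(src, ()):
        if nxt not in path:
            yield from attack_paths(graph, nxt, dst, path)

def naive_at(graph, src, dst):
    """Naive AT: OR over all paths, each path an AND of its compromised hosts."""
    return ("OR", [("AND", [("LEAF", h) for h in p[1:]])
                   for p in attack_paths(graph, src, dst)])

def shared_at(graph, src, dst):
    """Assumed reduction, not the paper's: one sub-tree per host (acyclic graph)."""
    memo = {}
    def reach(host):  # "compromise host, then get from it to dst"
        if host not in memo:
            if host == dst:
                memo[host] = ("LEAF", host)
            else:
                nxt = [n for n in map(reach, graph.get(host, ())) if n]
                memo[host] = ("AND", [("LEAF", host), ("OR", nxt)]) if nxt else None
        return memo[host]
    return ("OR", [n for n in map(reach, graph.get(src, ())) if n])

def scenarios(node):
    """Expand a tree back into its set of attack scenarios (host sequences)."""
    kind, body = node
    if kind == "LEAF":
        return {(body,)}
    if kind == "OR":
        return set().union(*map(scenarios, body))
    out = {()}
    for child in body:
        out = {a + b for a in out for b in scenarios(child)}
    return out

def size(node, seen=None):
    """Count gates and leaves; a sub-tree object shared by parents counts once."""
    seen = set() if seen is None else seen
    if id(node) in seen:
        return 0
    seen.add(id(node))
    return 1 if node[0] == "LEAF" else 1 + sum(size(c, seen) for c in node[1])

def layered(width, depth):  # constructed network: A, fully connected host layers, T
    layers = [["A"]] + [[f"h{d}_{i}" for i in range(width)] for d in range(depth)] + [["T"]]
    return {u: nxt for cur, nxt in zip(layers, layers[1:]) for u in cur}
```

On `layered(3, 3)` both trees expand to the same 27 scenarios, but the naive tree grows with the number of paths while the shared form grows with the number of hosts.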
