Time-efficient and cost-effective network hardening using attack graphs

Attack graph analysis has been established as a powerful tool for analyzing network vulnerability. However, previous approaches to network hardening look for exact solutions and thus do not scale. Further, hardening elements have been treated independently, which is inappropriate for real environments. For example, the cost for patching many systems may be nearly the same as for patching a single one. Or patching a vulnerability may have the same effect as blocking traffic with a firewall, while blocking a port may deny legitimate service. By failing to account for such hardening interdependencies, the resulting recommendations can be unrealistic and far from optimal. Instead, we formalize the notion of hardening strategy in terms of allowable actions, and define a cost model that takes into account the impact of interdependent hardening actions. We also introduce a near-optimal approximation algorithm that scales linearly with the size of the graphs, which we validate experimentally.

[1]  Cynthia A. Phillips,et al.  Computer-attack graph generation tool , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[2]  C. R. Ramakrishnan,et al.  Model-Based Analysis of Configuration Vulnerabilities , 2002, J. Comput. Secur..

[3]  Sushil Jajodia,et al.  Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts , 2006, Comput. Commun..

[4]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[5]  Jaideep Srivastava,et al.  Managing Cyber Threats: Issues, Approaches, and Challenges (Massive Computing) , 2005 .

[6]  Steven Noel,et al.  Representing TCP/IP connectivity for topological analysis of network security , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[7]  Sushil Jajodia,et al.  Managing attack graph complexity through visual hierarchical aggregation , 2004, VizSEC/DMSEC '04.

[8]  Cynthia A. Phillips,et al.  A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[9]  Sushil Jajodia,et al.  Minimum-cost network hardening using attack graphs , 2006, Comput. Commun..

[10]  Sushil Jajodia,et al.  Correlating intrusion events and building attack scenarios through attack graph distances , 2004, 20th Annual Computer Security Applications Conference.

[11]  Somesh Jha,et al.  Two formal analyses of attack graphs , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[12]  Rodolphe Ortalo,et al.  Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security , 1999, IEEE Trans. Software Eng..

[13]  Sushil Jajodia,et al.  Cauldron mission-centric cyber situational awareness with defense in depth , 2011, 2011 - MILCOM 2011 Military Communications Conference.

[14]  Paul Ammann,et al.  Using model checking to analyze network vulnerabilities , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[15]  Karl N. Levitt,et al.  NetKuang - A Multi-Host Configuration Vulnerability Checker , 1996, USENIX Security Symposium.

[16]  Duminda Wijesekera,et al.  Scalable, graph-based network vulnerability analysis , 2002, CCS '02.