HASN: A hierarchical attack surface network for system security analysis

Attack surfaces, as one of the security models, can help people to analyse the security of systems in cyberspace, such as risk assessment by utilizing various security metrics or providing a cost-effective network hardening solution. Numerous attack surface models have been proposed in the past decade, but they are not appropriate for describing complex systems with heterogeneous components. To address this limitation, we propose to use a two-layer Hierarchical Attack Surface Network (HASN) that models the data interactions and resource distribution of the system in a component-oriented view. First, we formally define the HASN by extending the entry point and exit point framework. Second, in order to assess data input risk and output risk on the HASN, we propose two behaviour models and two simulation-based risk metrics. Last, we conduct experiments for three network systems. Our experimental results show that the proposed approach is applicable and effective.

[1]  Guy Shani,et al.  Analysis of Attack Graph Representations for Ranking Vulnerability Fixes , 2018, GCAI.

[2]  Indrajit Ray,et al.  Assessing vulnerability exploitability risk using software properties , 2016, Software Quality Journal.

[3]  Jimmy McGibney,et al.  Attack surface-based security metric framework for service selection and composition , 2017, Int. J. Auton. Adapt. Commun. Syst..

[4]  Andrew Meneely,et al.  Beyond the Attack Surface: Assessing Security Risk with Random Walks on Call Graphs , 2016, SPRO@CCS.

[5]  Amy Nicole Langville,et al.  Google's PageRank and beyond - the science of search engine rankings , 2006 .

[6]  Ramakrishna Thurimella,et al.  Application of the PageRank Algorithm to Alarm Graphs , 2007, ICICS.

[7]  Sohag Kabir,et al.  An overview of fault tree analysis and its application in model based dependability analysis , 2017, Expert Syst. Appl..

[8]  Xinming Ou,et al.  Identifying Critical Attack Assets in Dependency Attack Graphs , 2008, ESORICS.

[9]  Jeannette M. Wing,et al.  An Attack Surface Metric , 2011, IEEE Transactions on Software Engineering.

[10]  Jan Lunze,et al.  Modeling of asynchronous discrete-event systems as networks of input-output automata , 2008 .

[11]  Edmund M. Clarke,et al.  Ranking Attack Graphs , 2006, RAID.

[12]  Jin B. Hong,et al.  Towards scalable security analysis using multi-layered security models , 2016, J. Netw. Comput. Appl..

[13]  Terry V. Benzel,et al.  Design Principles and Guidelines for Security , 2007 .

[14]  Nelly Litvak,et al.  Generalized PageRank on directed configuration networks , 2017, Random Struct. Algorithms.

[15]  Kerem Kaynar,et al.  A taxonomy for attack graph generation and usage in network security , 2016, J. Inf. Secur. Appl..

[16]  Indrajit Ray,et al.  Using Attack Surface Entry Points and Reachability Analysis to Assess the Risk of Software Vulnerability Exploitability , 2014, 2014 IEEE 15th International Symposium on High-Assurance Systems Engineering.