Measuring Network Security Using Bayesian Network-Based Attack Graphs

Given the increasing dependence of our societies on information systems, the overall security of these systems should be measured and improved. Existing work generally focuses on measuring individual vulnerabilities rather than their combined effects. Recent research has explored the application of attack graphs and probabilistic security metrics to address this challenge. However, such work usually assumes that the metrics of individual vulnerabilities are independently distributed and combines them in an arbitrary manner. It cannot address more realistic cases, such as one in which exploiting one vulnerability makes another vulnerability easier to exploit. In this paper, we propose to model probability metrics based on attack graphs as a special Bayesian Network. This approach provides a sound theoretical foundation for such metrics. It also makes it possible to use conditional probabilities to address the general case of interdependency between vulnerabilities.
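The following is an added illustration, not code from the paper: a constructed two-host attack graph encoded as a Bayesian network, with the goal probability computed by enumerating the joint distribution. The conditional probability table for the second exploit (`e2`) is the only thing that changes between the "independent" and "conditional" variants; all node names and probability values are invented for the example.

```python
from itertools import product

# Constructed attack graph (not from the paper). Boolean nodes:
#   user : attacker has user access on host A (initial condition, always true)
#   e1   : exploit of vulnerability v1 on host A (requires user)
#   root : attacker has root on host A (provided by e1)
#   e2   : exploit of vulnerability v2 on host B (requires user; may depend on root)
#   goal : host B is compromised (provided by e2)
# Each node maps to (parents, cpt) where cpt(*parent_values) = P(node is true).

def build_network(e2_cpt):
    return {
        "user": ([], lambda: 1.0),
        "e1":   (["user"], lambda user: 0.6 if user else 0.0),
        "root": (["e1"], lambda e1: 1.0 if e1 else 0.0),
        "e2":   (["user", "root"], e2_cpt),
        "goal": (["e2"], lambda e2: 1.0 if e2 else 0.0),
    }

def joint_probability(network, assignment):
    """Chain rule: product of P(node | parents) over every node."""
    p = 1.0
    for node, (parents, cpt) in network.items():
        p_true = cpt(*(assignment[q] for q in parents))
        p *= p_true if assignment[node] else 1.0 - p_true
    return p

def marginal(network, node):
    """P(node is true), by summing the joint over all assignments."""
    names = list(network)
    total = 0.0
    for values in product([False, True], repeat=len(names)):
        assignment = dict(zip(names, values))
        if assignment[node]:
            total += joint_probability(network, assignment)
    return total

def independent_e2(user, root):
    # Independence assumption: v2's metric ignores the state of host A.
    return 0.3 if user else 0.0

def conditional_e2(user, root):
    # Interdependency: rooting host A first makes v2 far easier to exploit.
    return (0.9 if root else 0.3) if user else 0.0

def goal_probability(e2_cpt):
    return marginal(build_network(e2_cpt), "goal")
```

With the independent table the goal probability is just P(e2) = 0.3; with the conditional table it becomes 0.6 * 0.9 + 0.4 * 0.3 = 0.66, which is the effect the independence assumption cannot express.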
