HARMs: Hierarchical Attack Representation Models for Network Security Analysis

Attack models can be used to assess network security. Purely graph based attack representation models (e.g., attack graphs) have a state-space explosion problem. Purely tree-based models (e.g., attack trees) cannot capture the path information explicitly. Moreover, the complex relationship between the host and the vulnerability information in attack models create difficulty in adjusting to changes in the network, which is impractical for modern large and dynamic network systems. To deal with these issues, we propose hierarchical attack representation models (HARMs). The main idea is to use two-layer hierarchy to separate the network topology information (in the upper layer) from the vulnerability information of each host (in the lower layer). We compare the HARMs with existing attack models (including attack graph and attack tree) in model complexity in the phase of construction, evaluation and modification.

[1]  Dong Seong Kim,et al.  Scalable optimal countermeasure selection using implicit enumeration on attack countermeasure trees , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[2]  J.-Y. Le Boudec,et al.  Dynamic network security deployment under partial information , 2008, 2008 46th Annual Allerton Conference on Communication, Control, and Computing.

[3]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[4]  Sushil Jajodia,et al.  Time-efficient and cost-effective network hardening using attack graphs , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[5]  Gail-Joon Ahn,et al.  Towards temporal access control in cloud computing , 2012, 2012 Proceedings IEEE INFOCOM.

[6]  Marc Dacier,et al.  Lessons learned from the deployment of a high-interaction honeypot , 2006, 2006 Sixth European Dependable Computing Conference.

[7]  Paul Jones,et al.  Secrets and Lies: Digital Security in a Networked World , 2002 .

[8]  Seungyeop Han,et al.  Analysis of topological characteristics of huge online social networking services , 2007, WWW '07.

[9]  Richard A. Raines,et al.  A framework for analyzing and mitigating the vulnerabilities of complex systems via attack and protection trees , 2007 .

[10]  Richard Lippmann,et al.  Practical Attack Graph Generation for Network Defense , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[11]  Michael R. Grimaila,et al.  The Use of Attack and Protection Trees to Analyze Security for an Online Banking System , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[12]  Vamsi Paruchuri,et al.  Threat modeling using attack trees , 2008 .

[13]  Kai Hwang,et al.  Micro-firewalls for dynamic network security with distributed intrusion detection , 2001, Proceedings IEEE International Symposium on Network Computing and Applications. NCA 2001.

[14]  Zhong Chen,et al.  Evaluating Network Security With Two-Layer Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.

[15]  Richard Lippmann,et al.  Modeling Modern Network Attacks and Countermeasures Using Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.

[16]  Ravishankar K. Iyer,et al.  Analysis of security data from a large computing organization , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN).

[17]  Xinming Ou,et al.  A scalable approach to attack graph generation , 2006, CCS '06.

[18]  John Hale,et al.  A systematic approach to multi-stage network attack analysis , 2004, Second IEEE International Information Assurance Workshop, 2004. Proceedings..

[19]  Marianne Swanson,et al.  Security metrics guide for information technology systems , 2003 .

[20]  Terry V. Benzel,et al.  The DETER project: Advancing the science of cyber security experimentation and test , 2010, 2010 IEEE International Conference on Technologies for Homeland Security (HST).

[21]  Bruce Schneier,et al.  MODELING SECURITY THREATS , 1999 .

[22]  Andrew P. Moore,et al.  Attack Modeling for Information Security and Survivability , 2001 .