Towards Actionable Mission Impact Assessment in the Context of Cloud Computing

Today’s cyber-attacks towards enterprise networks often undermine and even fail the mission assurance of victim networks. Mission cyber resilience (or active cyber defense) is critical to prevent or minimize negative consequences towards missions. Without effective mission impact assessment, mission cyber resilience cannot be really achieved. However, there is an overlooked gap between mission impact assessment and cyber resilience due to the non-mission-centric nature of current research. This gap is even widened in the context of cloud computing. The gap essentially accounts for the weakest link between missions and attack-resilient systems, and also explains why the existing impact analysis is not really actionable. This paper initiates efforts to bridge this gap, by developing a novel graphical model that interconnects the mission dependency graphs and cloud-level attack graphs. Our case study shows that the new cloud-applicable model is able to bridge the gap between mission impact assessment and cyber resilience. As a result, it can significantly improve the effectiveness of cyber resilience analysis of mission critical systems.

[1]  Sushil Jajodia Topological analysis of network attack vulnerability , 2007, ASIACCS '07.

[2]  Sushil Jajodia,et al.  NSDMiner: Automated discovery of Network Service Dependencies , 2012, 2012 Proceedings IEEE INFOCOM.

[3]  Sushil Jajodia,et al.  On the Accurate Identification of Network Service Dependencies in Distributed Systems , 2012, LISA.

[4]  Cynthia A. Phillips,et al.  A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[5]  Xiaoyan Sun,et al.  Inferring the Stealthy Bridges Between Enterprise Network Islands in Cloud Using Cross-Layer Bayesian Networks , 2014, SecureComm.

[6]  S. Musman,et al.  Evaluating the Impact of Cyber Attacks on Missions , 2010 .

[7]  Gabriel Jakobson,et al.  Mission cyber security situation assessment using impact dependency graphs , 2011, 14th International Conference on Information Fusion.

[8]  Duminda Wijesekera,et al.  Scalable, graph-based network vulnerability analysis , 2002, CCS '02.

[9]  John R. Goodall,et al.  Mission Impact of Cyber Events: Scenarios and Ontology to Express the Relationships between Cyber Assets, Missions, and Users , 2009 .

[10]  Aaas News,et al.  Book Reviews , 1893, Buffalo Medical and Surgical Journal.

[11]  Xinming Ou,et al.  Identifying Critical Attack Assets in Dependency Attack Graphs , 2008, ESORICS.

[12]  Xinming Ou,et al.  A scalable approach to attack graph generation , 2006, CCS '06.

[13]  Xu Chen,et al.  Automating Network Application Dependency Discovery: Experiences, Limitations, and New Solutions , 2008, OSDI.

[14]  Ronald R. Yager,et al.  On ordered weighted averaging aggregation operators in multicriteria decisionmaking , 1988, IEEE Trans. Syst. Man Cybern..

[15]  C. R. Ramakrishnan,et al.  Model-Based Analysis of Configuration Vulnerabilities , 2002, J. Comput. Secur..

[16]  Ronald R. Yager,et al.  On ordered weighted averaging aggregation operators in multicriteria decision-making , 1988 .

[17]  Andrew W. Appel,et al.  MulVAL: A Logic-based Network Security Analyzer , 2005, USENIX Security Symposium.

[18]  Richard Lippmann,et al.  Practical Attack Graph Generation for Network Defense , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[19]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[20]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[21]  Moises Sudit,et al.  Mission Impact Assessment for Cyber Warfare , 2015, Intelligent Methods for Cyber Warfare.

[22]  Madjid Merabti,et al.  Cache Side-Channel Attacks in Cloud Computing , 2015 .

[23]  Michael K. Reiter,et al.  HomeAlone: Co-residency Detection in the Cloud via Side-Channel Analysis , 2011, 2011 IEEE Symposium on Security and Privacy.