A Scalable, Vulnerability Modeling and Correlating Method for Network Security

  • Conference paper
Scalable Information Systems (INFOSCALE 2009)

Abstract

Attacks are becoming increasingly frequent, sophisticated, and interconnected. Recent work in network security has demonstrated that combinations of vulnerability exploits are the typical means by which an attacker breaks into a network. There is therefore a great need to perform vulnerability analysis first, taking the initiative to find hidden safety problems and then plan effective security measures. In this paper, we propose an analysis model that derives its vulnerability analysis functionality from the interaction of three distinct processes: scanning, modeling and correlating. Scanning identifies vulnerabilities. Modeling provides a concise representation of the fact base, such as host configuration, vulnerability information, and network topology. Correlating links isolated vulnerabilities in order to construct a layered attack graph. The transition rule is given a scalable design, which enables a highly efficient vulnerability correlation algorithm. Finally, a real case study is described to demonstrate the capability of our model.


Copyright information

© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Liu, X., Xiao, D., Ma, N., Yu, J. (2009). A Scalable, Vulnerability Modeling and Correlating Method for Network Security. In: Mueller, P., Cao, JN., Wang, CL. (eds) Scalable Information Systems. INFOSCALE 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 18. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10485-5_16

  • DOI: https://doi.org/10.1007/978-3-642-10485-5_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10484-8

  • Online ISBN: 978-3-642-10485-5

  • eBook Packages: Computer Science (R0)
