An Attack Graph-Based Probabilistic Security Metric

  • Lingyu Wang
  • Tania Islam
  • Tao Long
  • Anoop Singhal
  • Sushil Jajodia
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5094)

Abstract

To protect critical resources in today’s networked environments, it is desirable to quantify the likelihood of potential multi-step attacks that combine multiple vulnerabilities. This has become feasible thanks to a model of the causal relationships between vulnerabilities, namely the attack graph. This paper proposes an attack graph-based probabilistic metric for network security and studies its efficient computation. We first define the basic metric and provide an intuitive and meaningful interpretation of it. We then study the definition in more complex attack graphs with cycles and extend the definition accordingly. We show that computing the metric directly from its definition is inefficient in many cases and propose heuristics to improve the efficiency of the computation.

Keywords

Network Security, Individual Score, Outgoing Edge, Critical Resource, Incoming Edge

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Lingyu Wang (1)
  • Tania Islam (1)
  • Tao Long (1)
  • Anoop Singhal (2)
  • Sushil Jajodia (3)

  1. Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Canada
  2. Computer Security Division, National Institute of Standards and Technology, Gaithersburg, USA
  3. Center for Secure Information Systems, George Mason University, Fairfax, USA