Modeling Active Cyber Attack for Network Vulnerability Assessment

  • Jung-Ho Eom
  • Young-Ju Han
  • Tai-Myoung Chung
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4331)


In this paper, we consider an active cyber attack model for assessing vulnerabilities in a network system. By simulating the cyber attack model in the network system, we can identify vulnerabilities and provide appropriate countermeasures against them. Our model consists of two agents, two modules, and an action controller in the on-line system, and an attack damage assessment analyzer in the off-line system. We can minimize the probability of detection by the target system because we applied the 'Sensor to Shooter' concept to our model and separated the information collection agent from the attack agent to reduce attack action time. One module analyzes the target system's information. The other module develops the target system and main point of impact, and builds an attack scenario consisting of an attack tree and attack patterns. The attack action agents execute the set of attack sequences, which consists of the attack patterns in each node of the attack tree. The action controller controls the entire execution process of the model's elements.


Keywords: Network System; Target System; Action Controller; Attack Scenario; Attack Tree





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Jung-Ho Eom (1)
  • Young-Ju Han (1)
  • Tai-Myoung Chung (1)
  1. Internet Management Technology Laboratory, School of Information and Communication Engineering, SungKyunKwan University, Gyeonggi-do, Republic of Korea
