QSec: Supporting Security Decisions on an IT Infrastructure

  • Fabrizio Baiardi
  • Federico Tonelli
  • Fabio Corò
  • Luca Guidi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8328)


A global vulnerability of an IT infrastructure is a set of vulnerabilities in its nodes that enables a sequence of attacks in which an agent acquires the privileges that each attack requires as a result of the previous attacks in the sequence. This paper presents QSec, a tool that supports decisions on infrastructure security by querying a database with information on global vulnerabilities and the corresponding attack sequences. QSec can return information on, among others, global vulnerabilities, the corresponding attack sequences, and the infrastructure nodes that are the target of a sequence. This information is fundamental to evaluate the security of the infrastructure in more detail and to support decisions on which vulnerabilities to remove.


Keywords: Vulnerability Assessment, Risk evaluation, Attack Chain, Privilege Escalation, Remote Attack, SCADA System





Copyright information

© Springer International Publishing Switzerland 2013

Authors and Affiliations

  • Fabrizio Baiardi (1)
  • Federico Tonelli (1)
  • Fabio Corò (1)
  • Luca Guidi (2)
  1. Dipartimento di Informatica, Università di Pisa, Italy
  2. ENEL Engineering and Research SpA, Pisa, Italy
