An ACO Based Approach for Detection of an Optimal Attack Path in a Dynamic Environment

  • Conference paper
Distributed Computing and Networking (ICDCN 2010)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 5935)

Abstract

An attack graph is a tool for analyzing multi-stage, multi-host attack scenarios in a network. Each attack scenario is depicted by an attack path, which is essentially a series of exploits with a severity score that represents the comparative desirability of a particular network service. In an attack graph with a large number of attack paths, it may not be feasible for the administrator to plug all the vulnerabilities. Moreover, in a dynamic environment where the severity of an exploit changes with time, a framework is required that detects an optimal attack path, or most favored path, from a given attack graph in that environment. This paper proposes a framework for finding an optimal attack path using the Ant Colony Optimization (ACO) technique in a dynamic environment. Given an attack graph and the severity scores of the exploits, an optimal attack path is detected using customized ACO algorithms. A case study is presented to demonstrate the efficacy of the proposed methodology.



Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ghosh, N., Nanda, S., Ghosh, S.K. (2010). An ACO Based Approach for Detection of an Optimal Attack Path in a Dynamic Environment. In: Kant, K., Pemmaraju, S.V., Sivalingam, K.M., Wu, J. (eds) Distributed Computing and Networking. ICDCN 2010. Lecture Notes in Computer Science, vol 5935. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-11322-2_48

  • DOI: https://doi.org/10.1007/978-3-642-11322-2_48

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-11321-5

  • Online ISBN: 978-3-642-11322-2

  • eBook Packages: Computer Science; Computer Science (R0)
