By Topic

Building compact exploitation graphs for a cluster computing environment

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Wei Li ; Center for Comput. Security Res., Mississippi State Univ., MS, USA ; Vaughn, R.

In this paper, a modeling process is described to address challenges in analyzing attack scenarios and mitigating vulnerabilities in networked environments. Known system vulnerability data, system configuration data, and vulnerability scanner results are combined to create exploitation graphs (e-graphs), which are used to represent attack scenarios. The modeling process consists of three primary steps. The first step is the creation of a knowledge base of known system vulnerabilities. These vulnerabilities are represented using preconditions and postconditions. A template is used to represent preconditions and postconditions, and vulnerabilities are encoded using a predefined set of attributes. The second step involves the association of multiple vulnerabilities to create an e-graph specific to the system being modeled. The third step of this process involves the development of abstraction techniques that can be used to simplify exploitation graphs. A novel abstraction technique is proposed based on host connection similarity and exploitation similarity. These techniques have been applied into a high-performance cluster computing environment to show that they facilitate a compact representation of attack scenarios and provide in-depth vulnerability assessments.

Published in:

Information Assurance Workshop, 2005. IAW '05. Proceedings from the Sixth Annual IEEE SMC

Date of Conference:

15-17 June 2005