
1 Evaluating Network Security with Two-Layer Attack Graphs
Anming Xie, Zhuhua Cai, Cong Tang, Jianbin Hu, Zhong Chen
ACSAC (Dec. 2009)
2010/6/15

2 Outline
– Introduction
– Related Work
– Model
– Examples
– Conclusion

3 Attack Graphs
– Describe attack scenarios
– Play an important role in analyzing network vulnerabilities

4 Problems
– Although there is much previous work on evaluating network security with attack graphs, some problems still need to be addressed:
– Scalability
– Evaluating the overall security of a network with several target hosts, rather than a single target
– Attacks launched by inside malicious attackers

5 The Work of the Paper
– First, propose a new generation model: generate a two-layer attack graph to reduce computation cost
– Then, propose a measurement methodology: evaluate network security based on adjacency matrices

6 Network Security Metrics
– Traditionally, metrics treat vulnerabilities as static values in different networks
– However, this ignores how they could be exploited by attackers
– An attack graph describes all the possible ways to break into a network, and reveals the actual interaction among vulnerabilities


8 Related Work
– The resulting attack graphs are sometimes too large to be computed
– Existing work lacks meaningful and efficient suggestions for evaluating network security


10 A. Generation Model
– Two assumptions:
– The preconditions of an exploit never change from satisfied to unsatisfied (monotonicity)
– Attackers only need user access privilege at the source host when exploiting vulnerabilities at the target host

11 A. Generation Model
– The two-layer model, lower layer:
– Describes all of the detailed attack scenarios between each host pair
– Sets up host-pair attack graphs describing the attack sequences leading directly from one source host to one target host
– Shows how attackers obtain user or root access privilege at the target host
– At most N × N host-pair attack graphs for N hosts

12 A. Generation Model
– The two-layer model, upper layer:
– Sets up a hosts access attack graph showing the direct access relationships among hosts
– A node represents a host in the network, and a directed edge between two nodes represents the access relationship between the corresponding two hosts

13 A. Generation Model
– Generation of host-pair attack graphs:
– Deals only with the target host's configuration, its vulnerabilities, and its network connection with the source host
– Generated very quickly, and the resulting graph is small

14 A. Generation Model
– Generation of the hosts access attack graph:
– Built on the results of the host-pair attack graphs
– For each host-pair attack graph in which a privilege can be obtained, add a directed edge between the corresponding nodes of the hosts access graph
– The edge's label shows the corresponding privilege which could be obtained

15 A. Generation Model [figure]

16 B. Analysis on Probability of Success
– Used in the analysis of network security
– First, assign a probability of success to each atomic exploit
– Second, calculate the probabilities of successfully obtaining user and root privilege for each host-pair attack graph
– Finally, change the edge labels of the hosts access graph to (HPAGID, P_user, P_root), where HPAGID identifies the host-pair attack graph behind the edge

17 B. Analysis on Probability of Success [figure]
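The lower layer of slides 10 to 16, as an added example that is not the authors' code: one host-pair attack graph for a constructed source S and target T, generated by monotonic forward chaining over exploit templates (slide 10, assumption 1), starting from user privilege at S (assumption 2) and the ports the firewall lets through, and then reduced to the (P_user, P_root) label the upper layer attaches to the edge S to T. The hosts, firewall policy, exploit templates and probabilities are constructed, and the way probabilities are combined (product over an exploit's preconditions, max over alternative ways of reaching a privilege) is this example's assumption, not something the slides state.

```python
"""Lower layer of the two-layer model: one host-pair attack graph, built from
the target host's configuration and vulnerabilities plus its connection with
the source host, with a success probability attached to each atomic exploit.

Added example, not the paper's generator.  Hosts S and T, the firewall
policy, the exploit templates and the probabilities are constructed; the
rules for combining probabilities (product over an exploit's preconditions,
max over alternative ways of reaching a privilege) are this example's
assumption."""
from dataclasses import dataclass
from math import prod
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Exploit:
    name: str              # atomic exploit (constructed identifier)
    pre: Tuple[str, ...]   # preconditions: privileges and connectivity facts
    post: str              # postcondition: privilege gained on the target
    p: float               # probability of success of the atomic exploit


SRC, DST = "S", "T"
ALLOWED_PORTS = {80, 443}          # firewall: ports on T reachable from S

# Target host T's vulnerabilities as exploit templates (constructed).
EXPLOITS: List[Exploit] = [
    Exploit("rce_web_80",       ("user(S)", "conn(S,T,80)"),  "user(T)", 0.7),
    Exploit("rce_app_443",      ("user(S)", "conn(S,T,443)"), "user(T)", 0.5),
    Exploit("rce_ssh_22",       ("user(S)", "conn(S,T,22)"),  "root(T)", 0.3),
    Exploit("local_escalation", ("user(T)",),                 "root(T)", 0.6),
]


def initial_facts() -> Dict[str, float]:
    """Slide 10, assumption 2: user privilege at the source is all the attacker
    needs to start; connectivity facts come from the firewall policy."""
    facts = {f"user({SRC})": 1.0}
    for port in ALLOWED_PORTS:
        facts[f"conn({SRC},{DST},{port})"] = 1.0
    return facts


def host_pair_attack_graph(exploits: List[Exploit]):
    """Monotonic forward chaining (slide 10, assumption 1: a satisfied
    precondition never becomes unsatisfied), so facts are only ever added and
    a fact's probability only goes up.  Returns the probability of every fact
    and the exploit nodes of the host-pair attack graph, i.e. the exploits
    whose preconditions were satisfiable; an exploit behind a filtered port
    never appears in the graph."""
    facts = initial_facts()
    nodes: Dict[str, Tuple[Tuple[str, ...], str]] = {}
    changed = True
    while changed:
        changed = False
        for ex in exploits:
            if not all(f in facts for f in ex.pre):
                continue
            nodes[ex.name] = (ex.pre, ex.post)
            # assumed: AND over preconditions = product, OR over ways = max
            p = ex.p * prod(facts[f] for f in ex.pre)
            if p > facts.get(ex.post, 0.0):
                facts[ex.post] = p
                changed = True
    return facts, nodes


def privilege_probabilities(exploits: List[Exploit]) -> Tuple[float, float]:
    """(P_user, P_root) at the target: the values the upper layer puts into
    the label (HPAGID, P_user, P_root) of the edge S -> T (slide 16)."""
    facts, _ = host_pair_attack_graph(exploits)
    return facts.get(f"user({DST})", 0.0), facts.get(f"root({DST})", 0.0)


if __name__ == "__main__":
    facts, nodes = host_pair_attack_graph(EXPLOITS)
    for name, (pre, post) in nodes.items():
        print(f"{' & '.join(pre)} --[{name}]--> {post}")
    print("edge label:", (f"HPAG_{SRC}_{DST}",) + privilege_probabilities(EXPLOITS))
```

With port 22 filtered, the SSH exploit never becomes a node, so root on T is only reachable through the web exploit followed by the local escalation (0.7 × 0.6 = 0.42), which is the kind of path a per-host vulnerability score would not show.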

18 C. Analysis on Adjacency Matrices
– To evaluate the overall network, these attack probabilities are composed dynamically into a global measurement based on adjacency matrices
– For a network with N hosts, draw a hosts access graph with N + 1 nodes
– Use H_1, H_2, ..., H_N to indicate the hosts in the target network, and H_0 to indicate the attacker's host

19 C. Analysis on Adjacency Matrices
– Element u_ij indicates the probability of obtaining user privilege on host H_j from host H_i
– C = F(A, B), where A, B and C are matrices
– F is defined as [formula on slide, not in transcript]

20 C. Analysis on Adjacency Matrices
– Define the power iterations of the function F
– Stable matrices:
– User adjacency matrix U_max
– Root adjacency matrix R_max

21 D. Network Security Measurement
– Total prospective damage to the whole network brought by an attacker on host H_i, where C ⊆ H is the set of important hosts in the network
– Dangerous score:
– Indicates the security level of a network
– Uses w_k rather than d_uk and d_rk (the prospective damage from obtaining user and root privilege on H_k): for each host H_k in C, w_k is its importance factor, where 0 ≤ w_k ≤ 1

22 D. Network Security Measurement
– Transition score: evaluates a host's role as a stepping stone when an outside attacker attacks the network


24–25 A. Network Environment [figures]

26–27 B. Result Attack Graphs [figures]

28–29 C. Network Security Evaluation [figures]

30 C. Network Security Evaluation
– Assume the set of important hosts in the network is C = {F, D}
– Prospective damage from an attacker obtaining user privilege: d_u = {200, 2000} (for F and D respectively)
– Prospective damage from an attacker obtaining root privilege: d_r = {2000, 10000}

31 C. Network Security Evaluation
– Total prospective damage potentially caused by outside attackers [figure]
– Total prospective damage potentially caused by inside attackers [figure]

32 C. Network Security Evaluation
– Set an importance factor w_k for each host H_k in C: w = {0.2, 1}, i.e. 0.2 for host F and 1 for host D
– Dangerous score [figure]
– Transition score [figure]
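The upper-layer computation of slides 18 to 22, carried through on a constructed network with the d_u, d_r and w values of slides 30 and 32, as an added example that is not the authors' code. H0 is the attacker's host, A is a front-end host, and F and D are the important hosts; the (P_user, P_root) labels of the host-pair attack graphs are constructed. Because the transcript gives only the names of the formulas, the following are this example's assumptions rather than the paper's definitions: F is a max-product composition (the most likely two-step path), the root closure is one more step of F over the root matrix, the prospective damage is the sum over important hosts of P(user) · d_u + P(root) · d_r, the dangerous score is the same sum with w_k in place of both d values, and the transition score of a host is the drop in the outsider's dangerous score when that host is removed from the hosts access graph. Rows other than H0 in the stable matrices give the insider view, the attacker starting with user privilege on that host.

```python
"""Upper layer of the two-layer model: hosts access graph, stable matrices
and the network security scores.

Added example, not code from Xie et al.  The host-pair results, the
combination rule F, and the damage/score formulas are this example's own
constructions and assumptions (see the comments on each function)."""
from typing import Dict, List, Tuple

Matrix = List[List[float]]

# Hosts access graph nodes: H0 is the attacker's host; A, F, D form the
# target network (constructed).
HOSTS: List[str] = ["H0", "A", "F", "D"]

# Lower-layer output (constructed): for each host pair that has a host-pair
# attack graph, (P_user, P_root) at the target given user privilege at the source.
HPAG: Dict[Tuple[str, str], Tuple[float, float]] = {
    ("H0", "A"): (0.8, 0.4),
    ("A", "F"): (0.5, 0.2),
    ("F", "D"): (0.6, 0.6),
    ("D", "F"): (0.9, 0.9),
}

# Important hosts C = {F, D} with d_u, d_r (slide 30) and w (slide 32).
IMPORTANT: Dict[str, Tuple[float, float, float]] = {
    "F": (200.0, 2000.0, 0.2),
    "D": (2000.0, 10000.0, 1.0),
}


def adjacency_matrices(hosts: List[str]) -> Tuple[Matrix, Matrix]:
    """User matrix U and root matrix R over `hosts`.  u_ii = 1 because an
    attacker already holds user privilege on the host they sit on (slide 10,
    assumption 2).  Pairs touching a host not in `hosts` are dropped, which is
    how transition_score() removes a host from the graph."""
    n = len(hosts)
    idx = {h: i for i, h in enumerate(hosts)}
    U = [[1.0 if i == j else 0.0 for j in range(n)] for i in range(n)]
    R = [[0.0] * n for _ in range(n)]
    for (src, dst), (p_user, p_root) in HPAG.items():
        if src in idx and dst in idx:
            U[idx[src]][idx[dst]] = p_user
            R[idx[src]][idx[dst]] = p_root
    return U, R


def compose(A: Matrix, B: Matrix) -> Matrix:
    """Assumed F(A, B): c_ij = max_k a_ik * b_kj (max-product, i.e. the most
    likely two-step path).  Stand-in for the paper's F, which the transcript omits."""
    n = len(A)
    return [[max(A[i][k] * B[k][j] for k in range(n)) for j in range(n)]
            for i in range(n)]


def stable_matrices(hosts: List[str]) -> Tuple[Matrix, Matrix]:
    """Power iteration U, F(U, U), F(F(U, U), U), ... until nothing changes.
    With u_ii = 1 each iterate contains the previous one, so at most n steps
    are needed (U_max).  Root is one more step (R_max): reach some host with
    user privilege, then run its root exploit against the target."""
    U, R = adjacency_matrices(hosts)
    U_max = U
    for _ in range(len(hosts)):
        nxt = compose(U_max, U)
        if nxt == U_max:
            break
        U_max = nxt
    return U_max, compose(U_max, R)


def prospective_damage(hosts: List[str], U_max: Matrix, R_max: Matrix,
                       attacker: str) -> float:
    """Assumed: expected damage caused by an attacker sitting on `attacker`,
    sum over important hosts of P(user) * d_u + P(root) * d_r.  attacker="H0"
    is the outsider; any other host models an inside malicious user."""
    i = hosts.index(attacker)
    return sum(U_max[i][hosts.index(k)] * d_u + R_max[i][hosts.index(k)] * d_r
               for k, (d_u, d_r, _w) in IMPORTANT.items() if k in hosts)


def dangerous_score(hosts: List[str], U_max: Matrix, R_max: Matrix) -> float:
    """Assumed reading of slide 21: the outsider's damage with w_k in place of
    both d_uk and d_rk, so the score no longer depends on monetary values."""
    return sum((U_max[0][hosts.index(k)] + R_max[0][hosts.index(k)]) * w
               for k, (_d_u, _d_r, w) in IMPORTANT.items() if k in hosts)


def transition_score(host: str) -> float:
    """Assumed: a host's value as a stepping stone is how much the outsider's
    dangerous score drops when the host is removed from the hosts access graph."""
    full = dangerous_score(HOSTS, *stable_matrices(HOSTS))
    without = [h for h in HOSTS if h != host]
    return full - dangerous_score(without, *stable_matrices(without))


if __name__ == "__main__":
    U_max, R_max = stable_matrices(HOSTS)
    for h in HOSTS:
        print(f"damage from {h}: {prospective_damage(HOSTS, U_max, R_max, h):.1f}")
    print(f"dangerous score: {dangerous_score(HOSTS, U_max, R_max):.4f}")
    for h in HOSTS[1:]:
        print(f"transition score {h}: {transition_score(h):.4f}")
```

Two things the stable matrices make visible that the direct labels do not: the outsider's best route to root on F runs through D (0.8 · 0.5 · 0.6 · 0.9 = 0.216, above the direct 0.16 via A's root exploit), and an insider starting on D causes more prospective damage than the outsider, which is the inside-attacker case the paper sets out to cover.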


34 Conclusion
– A novel generation approach and a measurement methodology
– Apply the probability of success to the attack graphs
– The results describe not only the potential probabilities of success for attacks launched by an outside attacker, but also those for attacks launched by inside malicious users
– Draw gray-scale images to indicate the overall network security

35 Q & A
Thank you!

