An Attack Surface Metric (2005)

by P. Manadhata and J. Wing

Citing documents: results 1 - 10 of 89

Measuring the attack surfaces of two FTP daemons

by Pratyusa Manadhata - In ACM CCS Workshop on Quality of Protection, 2006
Abstract (cited by 35, 3 self):
Software consumers often need to choose between different software that provide the same functionality. Today, security is a quality that many consumers, especially system administrators, care about and will use in choosing one software system over another. An attack surface metric is a security metric for comparing the relative security of similar software systems [8]. The measure of a system’s attack surface is an indicator of the system’s security: given two systems, we compare their attack surface measurements to decide whether one is more secure than another along each of the following three dimensions: methods, channels, and data. In this paper, we use the attack surface metric to measure the attack surfaces of two open source FTP daemons: ProFTPD 1.2.10 and Wu-FTPD 2.6.2. Our measurements show that ProFTPD is more secure along the method dimension, ProFTPD is as secure as Wu-FTPD along the channel dimension, and Wu-FTPD is more secure along the data dimension. We also demonstrate how software consumers can use the attack surface metric in making a choice between the two FTP daemons.

Citation Context

...tem administrators, care about and will use in choosing one software system over another. An attack surface metric is a security metric for comparing the relative security of similar software systems [8]. The measure of a system’s attack surface is an indicator of the system’s security: given two systems, we compare their attack surface measurements to decide whether one is more secure than another a...
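The abstract above compares two daemons along the three attack surface dimensions (methods, channels, data), and later citation contexts on this page note that such measurements only establish a partial order. The following is an added example, not code from the paper or from CiteSeerX, showing how per-resource damage potential-effort ratios are summed per dimension and how the per-dimension comparison yields a partial order rather than a single score. The resource tables for the two daemons and the numeric scales for privilege and access rights are constructed for illustration and are not the ProFTPD/Wu-FTPD data from the paper.

```python
from dataclasses import dataclass
from fractions import Fraction
from typing import Dict, Iterable, List

# Assumed numeric scales (not the paper's values): a resource's damage potential
# grows with the privilege it runs with or grants; the attacker's effort grows
# with the access rights needed to reach it.
PRIVILEGE = {"anonymous": 1, "authenticated": 3, "root": 5}
ACCESS = {"unauthenticated": 1, "authenticated": 3, "root": 5}
DIMENSIONS = ("methods", "channels", "data")


@dataclass(frozen=True)
class Resource:
    """One entry/exit point (method), channel or data item on the attack surface."""
    name: str
    dimension: str        # "methods", "channels" or "data"
    damage_potential: int
    effort: int

    def ratio(self) -> Fraction:
        # Damage potential-effort ratio: this resource's contribution to the measure.
        return Fraction(self.damage_potential, self.effort)


def measure(resources: Iterable[Resource]) -> Dict[str, Fraction]:
    """Attack surface measurement: one total per dimension (exact rationals)."""
    totals = {d: Fraction(0) for d in DIMENSIONS}
    for r in resources:
        if r.dimension not in totals:
            raise ValueError(f"unknown dimension {r.dimension!r} for {r.name}")
        totals[r.dimension] += r.ratio()
    return totals


def compare(a: List[Resource], b: List[Resource]) -> Dict[str, str]:
    """Per-dimension verdict: 'A' or 'B' names the system with the smaller
    (more secure) measure on that dimension, 'equal' if they tie."""
    ma, mb = measure(a), measure(b)
    verdict = {}
    for d in DIMENSIONS:
        if ma[d] < mb[d]:
            verdict[d] = "A"
        elif mb[d] < ma[d]:
            verdict[d] = "B"
        else:
            verdict[d] = "equal"
    return verdict


def dominates(a: List[Resource], b: List[Resource]) -> bool:
    """Partial order: A is more secure than B only if A is no worse on every
    dimension and strictly better on at least one. Mixed verdicts are incomparable."""
    v = list(compare(a, b).values())
    return all(x != "B" for x in v) and any(x == "A" for x in v)


# Constructed resource tables for two hypothetical FTP daemons (not measured data).
# Channel damage potential is an assumed protocol weight of 1.
DAEMON_A = [
    Resource("USER", "methods", PRIVILEGE["root"], ACCESS["unauthenticated"]),        # 5
    Resource("RETR", "methods", PRIVILEGE["authenticated"], ACCESS["authenticated"]),  # 1
    Resource("tcp/21", "channels", 1, ACCESS["unauthenticated"]),                      # 1
    Resource("ftpd.conf", "data", 1, ACCESS["root"]),                                  # 1/5
]
DAEMON_B = [
    Resource("USER", "methods", PRIVILEGE["anonymous"], ACCESS["unauthenticated"]),    # 1
    Resource("RETR", "methods", PRIVILEGE["authenticated"], ACCESS["authenticated"]),  # 1
    Resource("SITE EXEC", "methods", PRIVILEGE["root"], ACCESS["authenticated"]),      # 5/3
    Resource("tcp/21", "channels", 1, ACCESS["unauthenticated"]),                      # 1
    Resource("/etc/passwd", "data", PRIVILEGE["root"], ACCESS["root"]),                # 1
    Resource("ftpd.conf", "data", 1, ACCESS["root"]),                                  # 1/5
]

if __name__ == "__main__":
    print("A:", {d: str(v) for d, v in measure(DAEMON_A).items()})
    print("B:", {d: str(v) for d, v in measure(DAEMON_B).items()})
    print("verdict:", compare(DAEMON_A, DAEMON_B))
    print("A dominates B:", dominates(DAEMON_A, DAEMON_B),
          "| B dominates A:", dominates(DAEMON_B, DAEMON_A))
```

With these constructed tables daemon B is more secure along the method dimension, the two tie on channels, and daemon A is more secure along the data dimension, so neither dominates the other: the metric supports a per-dimension comparison, and collapsing the triple into one number would hide which dimension a consumer is trading away.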

An attack graph-based probabilistic security metric

by Lingyu Wang, Tania Islam, Tao Long, Anoop Singhal, Sushil Jajodia - In Proceedings of the 22nd IFIP DBSec, 2008
Abstract (cited by 33, 6 self):
To protect critical resources in today’s networked environments, it is desirable to quantify the likelihood of potential multi-step attacks that combine multiple vulnerabilities. This now becomes feasible due to a model of causal relationships between vulnerabilities, namely, attack graph. This paper proposes an attack graph-based probabilistic metric for network security and studies its efficient computation. We first define the basic metric and provide an intuitive and meaningful interpretation to the metric. We then study the definition in more complex attack graphs with cycles and extend the definition accordingly. We show that computing the metric directly from its definition is not efficient in many cases and propose heuristics to improve the efficiency of such computation.

Citation Context

...er model, that is the least conditions under which an attack is possible [20]. Yet another series of work measures how likely a software is vulnerable to attacks using a metric called attack surface [10,12,17,18,19]. These works allow a partial order to be established on different network configurations based on their relative security. However, the treatment of many aspects of security is still qualitative in na...
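Added example, not the paper's own code: the basic attack graph-based probabilistic metric the abstract above describes, computed over an acyclic attack graph. Each exploit carries an individual score p(e), the probability it succeeds once all its preconditions hold; an exploit's probability is p(e) times the product of its preconditions' probabilities (conjunction), and a non-initial condition's probability is one minus the product of the failure probabilities of the exploits that grant it (disjunction). The host names, exploit names and scores are constructed. The extension to graphs with cycles that the paper develops is not implemented here: a cycle raises an error. The disjunction step assumes the producing exploits succeed independently, which overstates the probability when they share ancestors, a caveat to keep in mind when reading the numbers.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Set


@dataclass(frozen=True)
class Exploit:
    name: str
    score: float          # p(e): probability of success once every precondition holds
    pre: FrozenSet[str]   # conditions the exploit requires
    post: FrozenSet[str]  # conditions the exploit grants


class AttackGraph:
    """Acyclic attack graph over conditions and exploits (basic metric only)."""

    def __init__(self, initial: Iterable[str], exploits: Iterable[Exploit]):
        self.initial: Set[str] = set(initial)       # attacker's initial conditions, P = 1
        self.exploits: List[Exploit] = list(exploits)
        self._memo: Dict[str, float] = {}
        self._in_progress: Set[str] = set()         # conditions on the recursion stack

    def producers(self, cond: str) -> List[Exploit]:
        return [e for e in self.exploits if cond in e.post]

    def p_exploit(self, e: Exploit) -> float:
        # Conjunction: every precondition must hold, then the exploit itself must succeed.
        p = e.score
        for c in e.pre:
            p *= self.p_condition(c)
        return p

    def p_condition(self, cond: str) -> float:
        # Disjunction: the condition holds if at least one producing exploit succeeds.
        if cond in self.initial:
            return 1.0
        if cond in self._memo:
            return self._memo[cond]
        if cond in self._in_progress:
            raise ValueError(f"cycle through condition {cond!r}; acyclic graphs only")
        self._in_progress.add(cond)
        prod = self.producers(cond)
        if not prod:
            p = 0.0                                  # nothing grants it: unreachable
        else:
            all_fail = 1.0
            for e in prod:
                all_fail *= 1.0 - self.p_exploit(e)
            p = 1.0 - all_fail
        self._in_progress.discard(cond)
        self._memo[cond] = p
        return p


def attack_probability(initial: Iterable[str], exploits: Iterable[Exploit], goal: str) -> float:
    """Probability that an attacker starting from `initial` reaches `goal`."""
    return AttackGraph(initial, exploits).p_condition(goal)


# Constructed single-host scenario (hypothetical exploit names and scores).
INITIAL = {"user(attacker)", "reach(attacker,host1)"}
EXPLOITS = [
    Exploit("ftp_rhosts(host1)", 0.8,
            frozenset({"user(attacker)", "reach(attacker,host1)"}),
            frozenset({"trust(host1,attacker)"})),
    Exploit("rsh(host1)", 0.9,
            frozenset({"trust(host1,attacker)"}), frozenset({"user(host1)"})),
    Exploit("sshd_bof(host1)", 0.4,
            frozenset({"reach(attacker,host1)"}), frozenset({"user(host1)"})),
    Exploit("local_bof(host1)", 0.5,
            frozenset({"user(host1)"}), frozenset({"root(host1)"})),
]

if __name__ == "__main__":
    for goal in ("trust(host1,attacker)", "user(host1)", "root(host1)"):
        print(f"P({goal}) = {attack_probability(INITIAL, EXPLOITS, goal):.3f}")
```

Worked through by hand: P(trust) = 0.8, P(rsh) = 0.9 * 0.8 = 0.72, P(sshd_bof) = 0.4, so P(user(host1)) = 1 - (1 - 0.72)(1 - 0.4) = 0.832 and P(root(host1)) = 0.5 * 0.832 = 0.416. Removing the weaker sshd_bof path drops P(root) to 0.36, which is the kind of "what does hardening this service buy me" question the metric is meant to answer.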

Measuring network security using attack graphs

by Lingyu Wang, Anoop Singhal, Sushil Jajodia - In Proceedings of the 3rd ACM workshop on Quality of protection (QoP’07), 2007
Abstract (cited by 30, 6 self):
In measuring the overall security of a network, a crucial issue is to correctly compose the measure of individual components. Incorrect compositions may lead to misleading results. For example, a network with fewer vulnerabilities or a more diversified configuration is not necessarily more secure. To obtain correct compositions of individual measures, we need to first understand the interplay between network components, for example, how vulnerabilities can be combined by attackers in advancing an intrusion. Such an understanding becomes possible with recent advances in modeling network security using attack graphs. Based on our experiences with attack graph analysis, we propose an integrated framework for measuring various aspects of network security. We first outline our principles and methodologies. We then describe concrete examples to build intuitions. Finally, we present our formal framework. It is our belief that metrics developed based on the proposed framework will lead to novel quantitative approaches to vulnerability analysis, network hardening, and attack response.

Citation Context

... weakest attacker model, that is the least conditions enabling an attack [21]. Yet another series of work measures how likely a software is vulnerable to attacks using a metric called attack surface [11, 18, 19, 20, 13]. These works allow a partial order to be established on different network configurations based on their relative security. However, the treatment of many aspects of security is still qualitative in na...

Automatically securing permission-based software by reducing the attack surface: An application to Android

by Alexandre Bartel, Jacques Klein, Yves Le Traon, Martin Monperrus - In IEEE/ACM International Conference on Automated Software Engineering (ASE), 2012
Abstract (cited by 21, 5 self):
A common security architecture, called the permission-based security model (used e.g. in Android and Blackberry), entails intrinsic risks. For instance, applications can be granted more permissions than they actually need, which we call a “permission gap”. Malware can leverage the unused permissions for achieving their malicious goals, for instance using code injection. In this paper, we present an approach to detecting permission gaps using static analysis. Our prototype implementation in the context of Android shows that the static analysis must take into account a significant amount of platform-specific knowledge. Using our tool on two datasets of Android applications, we found out that a non-negligible part of applications suffers from permission gaps, i.e. they do not use all the permissions they declare.

Citation Context

...ing code injection or return-oriented programming [6]. Identifying permission gaps means reducing the risks for an application to be compromised, also known as reducing the application attack surface [20]. Let us make an analogy with a firewall. In a correctly configured firewall only the ports that are used are open. All the other ports are closed. However if the firewall is misconfigured, some unuse...

A novel quantitative approach for measuring network security

by Mohammad Salim Ahmed, Ehab Al-Shaer, Latifur Khan - In Press, IEEE Infocom Miniconference, 2008
Abstract (cited by 17, 2 self):
Evaluation of network security is an essential step in securing any network. This evaluation can help security professionals in making optimal decisions about how to design security countermeasures, to choose between alternative security architectures, and to systematically modify security configurations in order to improve security. However, the security of a network depends on a number of dynamically changing factors such as emergence of new vulnerabilities and threats, policy structure and network traffic. Identifying, quantifying and validating these factors using security metrics is a major challenge in this area. In this paper, we propose a novel security metric framework that identifies and quantifies objectively the most significant security risk factors, which include existing vulnerabilities, historical trend of vulnerability of the remotely accessible services, prediction of potential vulnerabilities for any general network service and their estimated severity and finally policy resistance to attack propagation within the network. We then describe our rigorous validation experiments using real-life vulnerability data of the past 6 years from the National Vulnerability Database (NVD) [10] to show the high accuracy and confidence of the proposed metrics. Some previous works have considered vulnerabilities using code analysis. However, as far as we know, this is the first work to study and analyze these metrics for network security evaluation using publicly available vulnerability information and security policy configuration.

Citation Context

.... Attack graph [5] is another technique that is used to assess the risks associated with network exploits. There has been some research focusing on the attack surface of a network. Manadhata et al. in [9] have tried to find the attack surface from the attackability of a system. In [11] Pamula proposes a security metric based on the weakest adversary (i.e. the least amount of effort required to make an ...

A Model of Forensic Analysis Using Goal-Oriented Logging

by Sean Philip Peisert, 2007
Abstract (cited by 14, 10 self):
Abstract not found

Ideal Based Cyber Security Technical Metrics for Control Systems

by Wayne Boyer, Miles McQueen - CRITIS’07 2nd International Workshop on Critical Information Infrastructures Security, 2007
Abstract (cited by 12, 0 self); note that the text indexed here as the abstract is the preprint's front-matter notice rather than an abstract:
This is a preprint of a paper intended for publication in a journal or proceedings. Since changes may be made before publication, this preprint should not be cited or reproduced without permission of the author. This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, or any of their employees, makes any warranty, expressed or implied, or assumes any legal liability or responsibility for any third party’s use, or the results of such use, of any information, apparatus, product or process disclosed in this report, or represents that its use by such third party would not infringe privately owned rights. The views expressed in this paper are not necessarily those of the United States Government or the sponsoring agency.

Citation Context

...complexity, including external interfaces is strongly correlated to the potential for the discovery of new vulnerabilities. Attack surface has been proposed as a security metric by Manadhata and Wing [9]. This metric is considered to be potentially very valuable but is not yet sufficiently developed to be used in practice. Worst case loss is the maximum dollar value of the damage/loss that could be i...

Supporting Automated Vulnerability Analysis using Formalized Vulnerability Signatures

by Mohamed Almorsy, John Grundy, Amani S. Ibrahim
Abstract (cited by 6, 2 self):
Adopting publicly accessible platforms such as the cloud computing model to host IT systems has become a leading trend. Although this helps to minimize cost and increase availability and reachability of applications, it has serious implications for applications’ security. Hackers can easily exploit vulnerabilities in such publicly accessible services. In addition, 75% of the total reported application vulnerabilities are web application specific. Identifying such known vulnerabilities as well as newly discovered vulnerabilities is a key challenging security requirement. However, existing vulnerability analysis tools cover no more than 47% of the known vulnerabilities. We introduce a new solution that supports automated vulnerability analysis using formalized vulnerability signatures. Instead of depending on formal methods to locate vulnerability instances where analyzers have to be developed to locate specific vulnerabilities, our approach incorporates a formal vulnerability signature described using OCL. Using this formal signature, we perform program analysis of the target system to locate signature matches (i.e. signs of possible vulnerabilities). A newly discovered vulnerability can be easily identified in a target program provided that a formal signature for it exists. We have developed a prototype static vulnerability analysis tool based on our formalized vulnerability signatures specification approach. We have validated our approach in capturing signatures of the OWASP Top 10 vulnerabilities and applied these signatures in analyzing a set of seven benchmark applications.

Citation Context

...he hosting service to read/write/modify/delete the data. Usually the number of entry points and exit points – the “attack surface” – is used as a security metric when assessing systems security [18]. Furthermore, an active component may have vulnerabilities related to inputs (input validation - input coming from a user passing by the hosting service), outputs (output validation and exceptions – ...

k-zero day safety: Measuring the security risk of networks against unknown attacks

by Lingyu Wang, Sushil Jajodia, Anoop Singhal, Steven Noel, 2010
Abstract (cited by 5, 3 self):
The security risk of a network against unknown zero day attacks has been considered as something unmeasurable since software flaws are less predictable than hardware faults and the process of finding such flaws and developing exploits seems to be chaotic. In this paper, we propose a novel security metric, k-zero day safety, based on the number of unknown zero day vulnerabilities. That is, the metric simply counts how many unknown vulnerabilities would be required for compromising a network asset, regardless of what vulnerabilities those might be. We formally define the metric based on an abstract model of networks and attacks. We then devise algorithms for computing the metric. Finally, we show the metric can quantify many existing practices in hardening a network.

Citation Context

...ations, such as IDSs [8] and distributed trust management [17]. More closely related to our work, attack surface measures how likely a software is vulnerable to attacks based on the degree of exposure [14]. Our work borrows from attack surface the idea of focusing on interfaces, instead of internal details, of a system. However, we apply the idea to a network of computer systems instead of a single ...

DAG-based attack and defense modeling: Don’t miss the forest for the attack trees

by Barbara Kordy, Ludovic Piètre-Cambacédès, Patrick Schweitzer - CoRR
Abstract (cited by 5, 1 self):
Abstract not found

Citation Context

... algorithm for classification of states in order to identify the most relevant parts of an attack graph. In 2008, Malhotra et al. [153] did the same based on the notion of attack surface described in [155]. The vast majority of the authors mentioned have also worked on visualization aspects [100, 189, 190, 290]. Kotenko and Stepashkin [137] described a complete software platform for implementing concep...
