## A graph-based system for network-vulnerability analysis (1998)

Venue: Proceedings of the 1998 Workshop on New Security Paradigms

Citations: 168 (0 self)

### Citations

14083 | Computers and Intractability. A Guide to the Theory of NP-completeness
- Garey, Johnson
- 1979
Citation Context ...n to a minimization problem, that of finding the low-cost paths. The structure of the weights is critical for this conversion, because in general finding the longest paths in a network is NP-complete [5]. If one wishes to find only a single shortest path, representing the most likely or least-cost attack, from a start node to any number of goal nodes, then any standard shortest-path algorithm, such a...

639 | An intrusion-detection model
- Denning
- 1987
Citation Context ... class of network security tools. Intrusion-detection systems attempt to monitor abnormal patterns of system usage (such as suspicious configuration information changes) to detect security violations [4,9]. Our system would be complementary to an intrusion detection system. If an administrator does not want to pay the full cost (development cost or system-performance hit) of all possible intrusion-dete...

188 | Shortest paths algorithms: theory and experimental evaluation
- Cherkassky, Goldberg, et al.
- 1994
Citation Context ... a start node to any number of goal nodes, then any standard shortest-path algorithm, such as Dijkstra's algorithm will suffice. Such codes are very efficient (near linear-time) and readily available [2]. However, the weights on the edges will...

138 | Experimenting with quantitative evaluation tools for monitoring operational security.
- Ortalo, Deswarte, et al.
- 1999
Citation Context ...estimated mean time and effort to target by enumerating all searches in the privilege graph. The Markov model represents all possible probing sequences of a non-omniscient attacker. Ortalo et al. [13,14], present experimental results using this model, based on a privilege graph constructed from 13 major UNIX vulnerabilities. They conclude that Mean Effort to Failure (METF) is more valuable as a secur...

134 | A survey of intrusion detection techniques
- Lunt
- 1993
Citation Context ... class of network security tools. Intrusion-detection systems attempt to monitor abnormal patterns of system usage (such as suspicious configuration information changes) to detect security violations [4,9]. Our system would be complementary to an intrusion detection system. If an administrator does not want to pay the full cost (development cost or system-performance hit) of all possible intrusion-dete...

85 | The network inhibition problem
- Phillips
- 1993
Citation Context ... involve shortest-path computations in significantly expanded graphs. However, scaling provides a graceful tradeoff between approximation quality and the time and space needed to compute the solution [15]. Very recently, Tayi et al. [18] have shown how to compute all undominated (Pareto optimal) paths for multiple edge weights. Their algorithm runs in pseudo-polynomial time provided the number of crit...

58 | An Analysis of Security Incidents on the Internet 1989–1995
- Howard
- 1997
Citation Context ...simple. The probability-of-success numbers can be obtained from polling experts (assessing the best subjective judgments), from information about the frequency of attacks on certain kinds of networks [6], and from experimentation. Computer-security personnel can test various attacks. Furthermore, one can make increasingly-automated testbeds accessible from the internet and advertise them as challenge...

42 | Quantitative assessment of operational security models and tools.
- Dacier, Deswarte, et al.
- 1996
Citation Context ...have series-parallel structure which can then be exploited for computing the probability, assuming all edges fail independently. The system we are proposing is closely related to that of Dacier et al. [3] although these systems were developed independently. Dacier et al. use a "privilege graph" which is similar to our attack graph, but seems to represent complex attacks with a single edge, and does n...

30 | On near-optimal alignments of biological sequences
- Naor, Brutlag
- 1994
Citation Context ...However, the weights on the edges will almost surely not be sufficiently accurate to merit looking only at shortest paths. A better method is to use the technique of Naor and Brutlag [12]. Their algorithm computes a compact representation of all paths that are within ε of optimal for some given error parameter ε (the ε-optimal paths). For example, edges that are common to many ε-optim...

10 | An insecurity flow model
- Moskowitz, Kang
- 1997
Citation Context ...ies. There is no tie-in to particular user level, machine, configuration, etc, and there are no weights. Meadows describes previous work that also breaks attacks into atomic steps. Moskowitz and Kang [11] use a graph to represent insecurity flow. Edges represent penetration of a security barrier such as a firewall. Each edge is weighted with the probability of successfully breaching the defense. They ...

7 | A map of security risks associated with using COTS.
- Lindquist, Jonsson
- 1998

5 | A representation of protocol attacks for risk assessment
- Meadows
Citation Context ... as well as possible ways to calculate cost-effective defense strategies, are explained in more detail in Section 4. This is not the first system to represent attacks graphically. For example Meadows [10] uses a graph representation to model stages of attacks, particularly attacks on cryptographic protocols. These visual representations resemble attack templates, but nodes in her graphs represent stag...

3 | Path problems in networks with vector-valued edge weights
- Tayi, Rosenkrantz, et al.
- 1999
Citation Context ...ns in significantly expanded graphs. However, scaling provides a graceful tradeoff between approximation quality and the time and space needed to compute the solution [15]. Very recently, Tayi et al. [18] have shown how to compute all undominated (Pareto optimal) paths for multiple edge weights. Their algorithm runs in pseudo-polynomial time provided the number of criteria is bounded (i.e., the expone...

2 | Multicriteria Approximation Through Decomposition, submitted
- Burch, Krumke, et al.
- 1998
Citation Context ...monitors. If monitoring of each edge or node in the attack graph were independent (i.e. we must pay for each monitor placed on any edge), we have the k-hurdle problem, which can be solved efficiently [1]. When sets of edges are affected by a single monitor placement, the problem is still theoretically as hard as set cover (assuming no special structure). However, it will be easier than the weighte...

2 | Probabilistic Logic Modeling of Hybrid Network Architectures
- Wyss, Gaylor
- 1996
Citation Context ...ing root privileges on the machine) becomes a child of the root. Similarly, each child is broken into a complete list of all events which can directly lead to it and so on. Wyss, Schriner, and Gaylor [19] have used PRA techniques to investigate network performance. Their fault tree modeled a loss of network connectivity, specifically the "all terminal connectivity" problem. Since PRA methods can measu...

1 | Quantitative Evaluation of Information System Security
- Ortalo, Deswarte
- 1998
Citation Context ...estimated mean time and effort to target by enumerating all searches in the privilege graph. The Markov model represents all possible probing sequences of a non-omniscient attacker. Ortalo et al. [13,14], present experimental results using this model, based on a privilege graph constructed from 13 major UNIX vulnerabilities. They conclude that Mean Effort to Failure (METF) is more valuable as a secur...