A weakest-adversary security metric for network configuration security analysis
Source: Conference on Computer and Communications Security
Proceedings of the 2nd ACM workshop on Quality of protection
Alexandria, Virginia, USA
Session: Network security metrics
Pages: 31-38
Year of Publication: 2006
ISBN: 1-59593-553-3
Authors
Joseph Pamula, George Mason University
Sushil Jajodia, George Mason University
Paul Ammann, George Mason University
Vipin Swarup, The MITRE Corporation
Sponsors
ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM, New York, NY, USA
DOI: http://doi.acm.org/10.1145/1179494.1179502

ABSTRACT

A security metric measures or assesses the extent to which a system meets its security objectives. Since meaningful quantitative security metrics are largely unavailable, the security community relies primarily on qualitative metrics. In this paper, we present a novel quantitative metric for the security of computer networks that is based on an analysis of attack graphs. The metric measures the security strength of a network in terms of the strength of the weakest adversary who can successfully penetrate the network. We present an algorithm that, given a specific network configuration, a set of known exploits, a specific goal state, and an attacker class (represented by the set of all initial attacker attributes), computes the minimal sets of initial attributes that the weakest adversary must possess in order to successfully compromise the network. We also demonstrate, by example, that diverse network configurations are not always beneficial for network security in terms of penetrability.
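The following is an added illustration of the metric's definition, not the paper's code and not its algorithm: it brute-forces the minimal initial-attribute sets over a constructed toy attack graph in which attributes are plain strings, each exploit is a (preconditions, postconditions) pair, and attribute acquisition is monotonic. The two network configurations, the attribute names and the attacker class are all made up for this example. The diverse configuration swaps one of two identical Linux web servers for a Windows server; because either server pivots to the internal network, the diverse network admits an additional minimal adversary (one who knows only the IIS bug), which is the kind of outcome the abstract's last sentence refers to.

```python
"""Weakest-adversary analysis on a toy attack graph (added example, hypothetical model)."""
from itertools import combinations

# Exploit model (constructed): name -> (preconditions, postconditions).
# Firing an exploit adds its postconditions to what the attacker already has.
HOMOGENEOUS = {
    "exploit_web1_linux": ({"net_access_dmz", "knows_cve_linux_httpd"}, {"user_web1"}),
    "exploit_web2_linux": ({"net_access_dmz", "knows_cve_linux_httpd"}, {"user_web2"}),
    "pivot_from_web1":    ({"user_web1"}, {"net_access_internal"}),
    "pivot_from_web2":    ({"user_web2"}, {"net_access_internal"}),
    "exploit_db":         ({"net_access_internal", "knows_cve_linux_db"}, {"root_db"}),
}

# Diverse configuration: web2 runs a different stack, reachable via a different bug.
DIVERSE = dict(HOMOGENEOUS)
del DIVERSE["exploit_web2_linux"]
DIVERSE["exploit_web2_windows"] = ({"net_access_dmz", "knows_cve_windows_iis"}, {"user_web2"})

# Attacker class: every initial attribute an adversary in this class might hold.
ATTACKER_CLASS = {
    "net_access_dmz",
    "knows_cve_linux_httpd",
    "knows_cve_windows_iis",
    "knows_cve_linux_db",
}
GOAL = "root_db"


def reachable(initial, exploits):
    """Forward closure: fire every enabled exploit until nothing new is gained."""
    have = set(initial)
    changed = True
    while changed:
        changed = False
        for pre, post in exploits.values():
            if pre <= have and not post <= have:
                have |= post
                changed = True
    return have


def weakest_adversaries(attacker_class, exploits, goal):
    """All minimal subsets of attacker_class from which `goal` is reachable.

    Subsets are enumerated by increasing size, so a successful subset that is
    not a superset of an earlier success is minimal (monotonic model).
    """
    attrs = sorted(attacker_class)
    minimal = []
    for k in range(len(attrs) + 1):
        for combo in combinations(attrs, k):
            candidate = frozenset(combo)
            if any(m <= candidate for m in minimal):
                continue  # a strictly weaker adversary already succeeds
            if goal in reachable(candidate, exploits):
                minimal.append(candidate)
    return minimal


def penetrating_adversaries(attacker_class, exploits, goal):
    """Every subset of the attacker class (not just minimal ones) that reaches the goal."""
    attrs = sorted(attacker_class)
    return {
        frozenset(combo)
        for k in range(len(attrs) + 1)
        for combo in combinations(attrs, k)
        if goal in reachable(combo, exploits)
    }


if __name__ == "__main__":
    for label, cfg in (("homogeneous", HOMOGENEOUS), ("diverse", DIVERSE)):
        print(f"{label}: weakest adversaries")
        for m in weakest_adversaries(ATTACKER_CLASS, cfg, GOAL):
            print("   ", sorted(m))
    hom = penetrating_adversaries(ATTACKER_CLASS, HOMOGENEOUS, GOAL)
    div = penetrating_adversaries(ATTACKER_CLASS, DIVERSE, GOAL)
    print("diverse config admits strictly more adversaries:", hom < div)
```

The enumeration is exponential in the size of the attacker class and is only meant to make the definition concrete; the check to take away is the last line, which compares the set of all penetrating adversaries across the two configurations rather than their count of exploits or hosts.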



