Sciweavers

ACSAC
2009
IEEE

Modeling Modern Network Attacks and Countermeasures Using Attack Graphs

14 years 6 months ago
Modeling Modern Network Attacks and Countermeasures Using Attack Graphs
Abstract—By accurately measuring risk for enterprise networks, attack graphs allow network defenders to understand the most critical threats and select the most effective countermeasures. This paper describes substantial enhancements to the NetSPA attack graph system required to model additional present-day threats (zero-day exploits and client-side attacks) and countermeasures (intrusion prevention systems, proxy firewalls, personal firewalls, and host-based vulnerability scans). Point-to-point reachability algorithms and structures were extensively redesigned to support “reverse” reachability computations and personal firewalls. Host-based vulnerability scans are imported and analyzed. Analysis of an operational network with 85 hosts demonstrates that client-side attacks pose a serious threat. Experiments on larger simulated networks demonstrated that NetSPA’s previous excellent scaling is maintained. Less than two minutes are required to completely analyze a four-enclave ...
Kyle Ingols, Matthew Chu, Richard Lippmann, Seth E
Added 18 May 2010
Updated 18 May 2010
Type Conference
Year 2009
Where ACSAC
Authors Kyle Ingols, Matthew Chu, Richard Lippmann, Seth E. Webster, Stephen Boyer
Comments (0)