Sciweavers

SAC
2009
ACM

Multi-step attack modelling and simulation (MsAMS) framework based on mobile ambients

14 years 7 months ago
Multi-step attack modelling and simulation (MsAMS) framework based on mobile ambients
Attackers take advantage of any security breach to penetrate an organisation perimeter and exploit hosts as stepping stones to reach valuable assets, deeper in the network. The exploitation of hosts is possible not only when vulnerabilities in commercial off-the-shelf (COTS) software components are present, but also e.g. when an attacker acquires a key (e.g. a password) on one host which allows him to exploit further hosts on the network. Finding attacks involving the latter case requires the ability to represent dynamic models. In this paper we present MsAMS (Multi-step Attack Modelling and Simulation), an implemented framework, based on Mobile Ambients, to discover attacks in networks. The idea of ambients fits naturally into this domain and has the advantage of providing flexibility for modelling. Additionally, the concept of mobility allows the simulation of attackers exploiting opportunities derived either from the exploitation of vulnerable as well as from the exploitation of ...
Virginia N. L. Franqueira, Raul H. C. Lopes, Pasca
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where SAC
Authors Virginia N. L. Franqueira, Raul H. C. Lopes, Pascal van Eck
Comments (0)