Article

Free access

A graph-based system for network-vulnerability analysis

Authors:

Cynthia Phillips,

Laura Painton SwilerAuthors Info & Claims

NSPW '98: Proceedings of the 1998 workshop on New security paradigms

Pages 71 - 79

https://doi.org/10.1145/310889.310919

Published: 01 January 1998 Publication History

PDF eReader

References

[1]

Burch, C., Krumke, S., Marathe, M., Phillips C., and Sundberg, E. "Multicriteria Approximation Through Decomposition", submitted, 1998.

Google Scholar

[2]

Cherkassky, B.V., A.V. Goldberg, and T. Radzik. "Shortest Paths Algorithms: Theory and Experimental Evaluation," Math Programming, 73, pp.129--174, 1996. Web site: http://www.neci .nj .nec.com/homepages/avg/soft/so ft.html

Digital Library

Google Scholar

[3]

Dacier, M., Y. Deswarte, and M. Kaaniche. "Quantitative Assessment of Operational Security: Models and Tools." LAAS Research Report 96493, May 1996.

Google Scholar

[4]

Denning, D. E. "An Intrusion-Detection Model." IEEE Transactions on Software Engineering, 13(2), 1987.

Digital Library

Google Scholar

[5]

Garey, M. R. and D. S. Johnson, Computers and Intractability: A Guide to the Theory of NP-Completeness, W. H. Freeman and Company, NY, 1979.

Digital Library

Google Scholar

[6]

Howard, J. D. "An Analysis of Security Incidents on the Internet, 1989-1995." Doctoral dissertation, Carnegie Mellon University, 1997.

Digital Library

Google Scholar

[7]

Internet Security Systems, Inc. 41 Perimeter Center East, Suite 550, Atlanta, GA 30346. Creator of the X-force database, accessed via http://www.iss.net/xforce.

Google Scholar

[8]

Lundqvist, U. and E. Jonsson. "A Map of Security Risks associated with using COTS." Computer, 31(6): 60-66, 1998.

Digital Library

Google Scholar

[9]

Lunt, T. F. "A Survey of Intrusion Detection Techniques." Computers and Security 12, pp. 405-418, 1993.

Digital Library

Google Scholar

[10]

Meadows, C., "A representation of Protocol Attacks for Risk Assessment", Network Threats, DIMACS Series in Discrete Mathematics and Theoretical Computer Science, Vol. 38, R. N. Wright and P.G. Neumann editors, American Mathematical Society, pp. 1-10.

Google Scholar

[11]

Moskowithz, I.S, and M. H. Kang, "An Insecurity Flow Model", Proceedings of the Sixth New Security Paradigms Workshop", Langdale, Cumbria, UK, September, 1997, pp. 61-74.

Digital Library

Google Scholar

[12]

Naor, D. and D. Brutlag, "On suboptimal alignment of biological sequences," Proceedings of the 4th annual Symposium on Combinatorial Pattern Matching, Springer Verlag, 1993, pp. 179-196.

Digital Library

Google Scholar

[13]

Ortalo, R., Y. Deswarte, and M. Kaaniche, "Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security", in Dependable Computing for Critical Applications 6 (DCCA'6), (M.Dal Cin, C. Meadows and W.H. Sanders, Eds.), Grainau, Germany, March 5-7 1997, Dependable Computing and Fault-Tolerant Systems, vol. 11, pp.307-328, ISBN 0-8186-8009-1, IEEE Computer Society Press, 1998.

Google Scholar

[14]

Ortalo, R., Y. Deswarte, "Quantitative Evaluation of Information System Security", in Global IT Security, Proc. of the IFIP TC11 14th International Conference on Information Security (IFIP/SEC'98), (G. Papp, R. Posch, eds.), August 31 - September 4, Vienna-Budapest, Austria-Hungary, Austrian Computer Society, ISBN 3-85403-116-5, pp. 321-332, 1998.

Google Scholar

[15]

Phillips, C. A., "The network inhibition problem," Proceedings of the 25 th Annual ACM Symposium on the Theory of Computing, May 16-18, 1993, pp. 776-785.

Digital Library

Google Scholar

[16]

Presidential Commission on Critical Infrastructure Protection. Commission Report "Critical Foundations: Protecting America's Infrastructures," October 1997. Available at: http:l/www.pccip.govlreport index.html

Google Scholar

[17]

SATAN. (Security Administrator Tool for Analyzing Networks) tool. SATAN's creators, Mr. Dan Farmer and Mr. Wietse Venema, made SATAN widely available over the Internet without cost starting April 5, 1995. It can be obtained from the web site: http:/l 142.3.223.54/~short/SECURITY/satan.html

Google Scholar

[18]

Tayi, G., Rosencrantz, D. and S. Ravi. "Path Problems in Networks with Vector Valued Edge Weights." Submitted for publication, October 1997.

Google Scholar

[19]

Wyss, G. D., Schriner, H. K., and T. R. Gaylor (1996). "Probabilistic Logic Modeling of for Hybrid Network Architectures." Published in the Proceedings of the 21st IEEE Conference on Local Computer Networks.

Digital Library

Google Scholar

Cited By

View all

Seid EPopov OBlix F(2024)Security Attack Behavioural Pattern Analysis for Critical Service ProvidersJournal of Cybersecurity and Privacy10.3390/jcp40100044:1(55-75)Online publication date: 10-Jan-2024
https://doi.org/10.3390/jcp4010004
Czeczot GRojek IMikołajewski D(2024)Autonomous Threat Response at the Edge Processing Level in the Industrial Internet of ThingsElectronics10.3390/electronics1306116113:6(1161)Online publication date: 21-Mar-2024
https://doi.org/10.3390/electronics13061161
Kazeminajafabadi AGhoreishi SImani M(2024)Optimal Detection for Bayesian Attack Graphs Under Uncertainty in Monitoring and Reimaging2024 American Control Conference (ACC)10.23919/ACC60939.2024.10644873(3927-3934)Online publication date: 10-Jul-2024
https://doi.org/10.23919/ACC60939.2024.10644873
Show More Cited By

Index Terms

A graph-based system for network-vulnerability analysis

Recommendations

Scalable, graph-based network vulnerability analysis
CCS '02: Proceedings of the 9th ACM conference on Computer and communications security

Even well administered networks are vulnerable to attack. Recent work in network security has focused on the fact that combinations of exploits are the typical means by which an attacker breaks into a network. Researchers have proposed a variety of ...
Cyber-attacks visualisation and prediction in complex multi-stage network

In network security, various protocols exist, but these cannot be said to be secure. Many hackers and illegal agents try to take advantage of the vulnerabilities through various incremental penetrations that can compromise critical systems. The ...
A vulnerability attack graph generation method based on scripts
ICICA'12: Proceedings of the Third international conference on Information Computing and Applications

The vulnerability attack graph is an important method for prevention of network attacks. However, the huge amount of vulnerability has caused great difficulties for attack graph generation. By using the general search methods, we often retrieve many ...

Comments

Information & Contributors

Information

Published In

NSPW '98: Proceedings of the 1998 workshop on New security paradigms

January 1998

142 pages

ISBN:1581131682

DOI:10.1145/310889

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 January 1998

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

NSPW98

Sponsor:

SIGSAC

NSPW98: New Security Paradigms Workshop '98

September 22 - 26, 1998

Virginia, Charlottesville, USA

Acceptance Rates

Overall Acceptance Rate 62 of 170 submissions, 36%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

520
Total Citations
View Citations
7,453
Total Downloads

Downloads (Last 12 months)989
Downloads (Last 6 weeks)80

Reflects downloads up to 11 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Seid EPopov OBlix F(2024)Security Attack Behavioural Pattern Analysis for Critical Service ProvidersJournal of Cybersecurity and Privacy10.3390/jcp40100044:1(55-75)Online publication date: 10-Jan-2024
https://doi.org/10.3390/jcp4010004
Czeczot GRojek IMikołajewski D(2024)Autonomous Threat Response at the Edge Processing Level in the Industrial Internet of ThingsElectronics10.3390/electronics1306116113:6(1161)Online publication date: 21-Mar-2024
https://doi.org/10.3390/electronics13061161
Kazeminajafabadi AGhoreishi SImani M(2024)Optimal Detection for Bayesian Attack Graphs Under Uncertainty in Monitoring and Reimaging2024 American Control Conference (ACC)10.23919/ACC60939.2024.10644873(3927-3934)Online publication date: 10-Jul-2024
https://doi.org/10.23919/ACC60939.2024.10644873
Dong CFeng YShang W(2024)A new method of dynamic network security analysis based on dynamic uncertain causality graphJournal of Cloud Computing10.1186/s13677-023-00568-713:1Online publication date: 24-Jan-2024
https://doi.org/10.1186/s13677-023-00568-7
Teixeira De Castro HHussain ABlanc GEl Hachem JBlouin DLeneutre JPapadimitratos P(2024)A Model-based Approach for Assessing the Security of Cyber-Physical SystemsProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3670470(1-10)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3670470
Blefari FPironti FFurfaro A(2024)Toward a Log-based Anomaly Detection System for Cyber Range PlatformsProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3669976(1-9)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3669976
Engström VNebbione GEkstedt M(2024)A Metalanguage for Dynamic Attack Graphs and Lazy GenerationProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664508(1-11)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664508
Jmal HHmida FBasta NIkram MKaafar MWalker A(2024)SPGNN-API: A Transferable Graph Neural Network for Attack Paths Identification and Autonomous MitigationIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.333896519(1601-1613)Online publication date: 2024
https://doi.org/10.1109/TIFS.2023.3338965
Sasahara HSandberg H(2024)Asymptotic Security Using Bayesian Defense Mechanism With Application to Cyber DeceptionIEEE Transactions on Automatic Control10.1109/TAC.2023.334097869:8(5004-5019)Online publication date: Aug-2024
https://doi.org/10.1109/TAC.2023.3340978
Al-Araji ZSakinah Syed Ahmad SFarhood HAwad Mutlag AAl-Khaldee M(2024)Attack graph-based security metrics: Concept, taxonomy, challenges and open issuesBIO Web of Conferences10.1051/bioconf/2024970008597(00085)Online publication date: 5-Apr-2024
https://doi.org/10.1051/bioconf/20249700085
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Scalable, graph-based network vulnerability analysis

Cyber-attacks visualisation and prediction in complex multi-stage network

A vulnerability attack graph generation method based on scripts

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF

eReader

Login options

Full Access

References

Cited By

Index Terms

Recommendations

Scalable, graph-based network vulnerability analysis

Cyber-attacks visualisation and prediction in complex multi-stage network

A vulnerability attack graph generation method based on scripts

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations