NetSecuritas:面向企业网络的集成攻击图安全评估工具

Proceedings of the 16th International Conference on Distributed Computing and Networking Pub Date : 2015-01-04 DOI:10.1145/2684464.2684494

Nirnay Ghosh, Ishan Chokshi, Mithun Sarkar, S. Ghosh, A. K. Kaushik, Sajal K. Das

{"title":"NetSecuritas:面向企业网络的集成攻击图安全评估工具","authors":"Nirnay Ghosh, Ishan Chokshi, Mithun Sarkar, S. Ghosh, A. K. Kaushik, Sajal K. Das","doi":"10.1145/2684464.2684494","DOIUrl":null,"url":null,"abstract":"Sophisticated cyber-attacks have become prominent with the growth of the Internet and web technology. Such attacks are multi-stage ones, and correlate vulnerabilities on intermediate hosts to compromise an otherwise well-protected critical resource. Conventional security assessment approaches can leave out some complex scenarios generated by these attacks. In the literature, these correlated attacks have been modeled using attack graphs. Although a few attack graph-based network security assessment tools are available, they are either commercial products or developed using proprietary databases. In this paper, we develop a customized tool, NetSecuritas, which implements a novel heuristic-based attack graph generation algorithm and integrates different phases of network security assessment. NetSecuritas leverages open-source libraries, tools and publicly available databases. A cost-driven mitigation strategy has also been proposed to generate network security recommendations. Experimental results establish the efficacy of both attack graph generation and mitigation approach.","PeriodicalId":298587,"journal":{"name":"Proceedings of the 16th International Conference on Distributed Computing and Networking","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"24","resultStr":"{\"title\":\"NetSecuritas: An Integrated Attack Graph-based Security Assessment Tool for Enterprise Networks\",\"authors\":\"Nirnay Ghosh, Ishan Chokshi, Mithun Sarkar, S. Ghosh, A. K. Kaushik, Sajal K. Das\",\"doi\":\"10.1145/2684464.2684494\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Sophisticated cyber-attacks have become prominent with the growth of the Internet and web technology. Such attacks are multi-stage ones, and correlate vulnerabilities on intermediate hosts to compromise an otherwise well-protected critical resource. Conventional security assessment approaches can leave out some complex scenarios generated by these attacks. In the literature, these correlated attacks have been modeled using attack graphs. Although a few attack graph-based network security assessment tools are available, they are either commercial products or developed using proprietary databases. In this paper, we develop a customized tool, NetSecuritas, which implements a novel heuristic-based attack graph generation algorithm and integrates different phases of network security assessment. NetSecuritas leverages open-source libraries, tools and publicly available databases. A cost-driven mitigation strategy has also been proposed to generate network security recommendations. Experimental results establish the efficacy of both attack graph generation and mitigation approach.\",\"PeriodicalId\":298587,\"journal\":{\"name\":\"Proceedings of the 16th International Conference on Distributed Computing and Networking\",\"volume\":\"44 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-01-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"24\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 16th International Conference on Distributed Computing and Networking\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2684464.2684494\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 16th International Conference on Distributed Computing and Networking","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2684464.2684494","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 24

摘要

随着互联网和网络技术的发展，复杂的网络攻击变得越来越突出。这种攻击是多阶段的，并将中间主机上的漏洞关联起来，从而危及原本受到良好保护的关键资源。传统的安全评估方法可能会忽略这些攻击产生的一些复杂场景。在文献中，这些相关的攻击已经使用攻击图建模。虽然有一些基于攻击图的网络安全评估工具可用，但它们要么是商业产品，要么是使用专有数据库开发的。在本文中，我们开发了一个定制工具NetSecuritas，它实现了一种新颖的基于启发式的攻击图生成算法，并集成了网络安全评估的不同阶段。NetSecuritas利用开源库、工具和公开可用的数据库。还提出了一项成本驱动的缓解战略，以产生网络安全建议。实验结果验证了攻击图生成和缓解方法的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

NetSecuritas: An Integrated Attack Graph-based Security Assessment Tool for Enterprise Networks

Sophisticated cyber-attacks have become prominent with the growth of the Internet and web technology. Such attacks are multi-stage ones, and correlate vulnerabilities on intermediate hosts to compromise an otherwise well-protected critical resource. Conventional security assessment approaches can leave out some complex scenarios generated by these attacks. In the literature, these correlated attacks have been modeled using attack graphs. Although a few attack graph-based network security assessment tools are available, they are either commercial products or developed using proprietary databases. In this paper, we develop a customized tool, NetSecuritas, which implements a novel heuristic-based attack graph generation algorithm and integrates different phases of network security assessment. NetSecuritas leverages open-source libraries, tools and publicly available databases. A cost-driven mitigation strategy has also been proposed to generate network security recommendations. Experimental results establish the efficacy of both attack graph generation and mitigation approach.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 16th International Conference on Distributed Computing and Networking

自引率

0.00%

发文量