{"title":"为集群计算环境构建紧凑的开发图","authors":"Wei Li, R. Vaughn","doi":"10.1109/IAW.2005.1495933","DOIUrl":null,"url":null,"abstract":"In this paper, a modeling process is described to address challenges in analyzing attack scenarios and mitigating vulnerabilities in networked environments. Known system vulnerability data, system configuration data, and vulnerability scanner results are combined to create exploitation graphs (e-graphs), which are used to represent attack scenarios. The modeling process consists of three primary steps. The first step is the creation of a knowledge base of known system vulnerabilities. These vulnerabilities are represented using preconditions and postconditions. A template is used to represent preconditions and postconditions, and vulnerabilities are encoded using a predefined set of attributes. The second step involves the association of multiple vulnerabilities to create an e-graph specific to the system being modeled. The third step of this process involves the development of abstraction techniques that can be used to simplify exploitation graphs. A novel abstraction technique is proposed based on host connection similarity and exploitation similarity. These techniques have been applied into a high-performance cluster computing environment to show that they facilitate a compact representation of attack scenarios and provide in-depth vulnerability assessments.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Building compact exploitation graphs for a cluster computing environment\",\"authors\":\"Wei Li, R. Vaughn\",\"doi\":\"10.1109/IAW.2005.1495933\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, a modeling process is described to address challenges in analyzing attack scenarios and mitigating vulnerabilities in networked environments. Known system vulnerability data, system configuration data, and vulnerability scanner results are combined to create exploitation graphs (e-graphs), which are used to represent attack scenarios. The modeling process consists of three primary steps. The first step is the creation of a knowledge base of known system vulnerabilities. These vulnerabilities are represented using preconditions and postconditions. A template is used to represent preconditions and postconditions, and vulnerabilities are encoded using a predefined set of attributes. The second step involves the association of multiple vulnerabilities to create an e-graph specific to the system being modeled. The third step of this process involves the development of abstraction techniques that can be used to simplify exploitation graphs. A novel abstraction technique is proposed based on host connection similarity and exploitation similarity. These techniques have been applied into a high-performance cluster computing environment to show that they facilitate a compact representation of attack scenarios and provide in-depth vulnerability assessments.\",\"PeriodicalId\":252208,\"journal\":{\"name\":\"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-06-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IAW.2005.1495933\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IAW.2005.1495933","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Building compact exploitation graphs for a cluster computing environment
In this paper, a modeling process is described to address challenges in analyzing attack scenarios and mitigating vulnerabilities in networked environments. Known system vulnerability data, system configuration data, and vulnerability scanner results are combined to create exploitation graphs (e-graphs), which are used to represent attack scenarios. The modeling process consists of three primary steps. The first step is the creation of a knowledge base of known system vulnerabilities. These vulnerabilities are represented using preconditions and postconditions. A template is used to represent preconditions and postconditions, and vulnerabilities are encoded using a predefined set of attributes. The second step involves the association of multiple vulnerabilities to create an e-graph specific to the system being modeled. The third step of this process involves the development of abstraction techniques that can be used to simplify exploitation graphs. A novel abstraction technique is proposed based on host connection similarity and exploitation similarity. These techniques have been applied into a high-performance cluster computing environment to show that they facilitate a compact representation of attack scenarios and provide in-depth vulnerability assessments.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
