QSec: Supporting Security Decisions on an IT Infrastructure

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8328)

Abstract

A global vulnerability of an IT infrastructure is a set of vulnerabilities in its nodes that enables a sequence of attacks in which an agent acquires the privileges that each attack requires as a result of the previous attacks in the sequence. This paper presents QSec, a tool to support decisions on infrastructure security by querying a database with information on global vulnerabilities and the corresponding attack sequences. QSec can return information on, among others, global vulnerabilities, the corresponding attack sequences and the infrastructure nodes that are the target of a sequence. This information is fundamental to evaluating the security of the infrastructure in more detail and to supporting decisions on which vulnerabilities to remove.

Copyright information

© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Baiardi, F., Tonelli, F., Corò, F., Guidi, L. (2013). QSec: Supporting Security Decisions on an IT Infrastructure. In: Luiijf, E., Hartel, P. (eds) Critical Information Infrastructures Security. CRITIS 2013. Lecture Notes in Computer Science, vol 8328. Springer, Cham. https://doi.org/10.1007/978-3-319-03964-0_10

  • DOI: https://doi.org/10.1007/978-3-319-03964-0_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-03963-3

  • Online ISBN: 978-3-319-03964-0

  • eBook Packages: Computer Science, Computer Science (R0)
