Abstract
Today’s information systems face sophisticated attackers who combine multiple vulnerabilities to penetrate networks with devastating impact. The overall security of an enterprise network cannot be determined by simply counting the number of vulnerabilities. To more accurately assess the security of enterprise systems, one must understand how vulnerabilities can be combined and exploited to stage an attack. Composition of vulnerabilities can be modeled using probabilistic attack graphs, which show all paths of attacks that allow incremental network penetration. Attack likelihoods are propagated through the attack graph, yielding a novel way to measure the security risk of enterprise systems. This metric is then used in risk mitigation analysis to maximize the security of enterprise systems. This methodology based on probabilistic attack graphs can be used to evaluate and strengthen the overall security of enterprise networks.
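As an added illustration (not code from the chapter or its authors), the Python below propagates likelihoods through a small constructed attack graph and then ranks single-vulnerability fixes by how much each lowers the likelihood of the attacker's goal. The propagation rules (an exploit's likelihood is its own success probability times the product of its preconditions; a condition enabled by several exploits combines them noisy-OR style), the host names, and all probabilities are assumptions made for the example, not values from the page.

```python
# Added example: probabilistic attack-graph risk metric and mitigation ranking.
# Assumed rules: exploit = p(exploit) * prod(precondition likelihoods);
#                condition = 1 - prod(1 - likelihood of each enabling exploit).
# The graph must be acyclic for this recursive forward pass.
from functools import lru_cache

# Constructed graph: exploit -> (preconditions, success probability, postcondition)
EXPLOITS = {
    "e1_ftp_rhost":  ({"attacker_on_internet"}, 0.8, "user_on_dmz"),
    "e2_ssh_bof":    ({"attacker_on_internet"}, 0.3, "user_on_dmz"),
    "e3_local_priv": ({"user_on_dmz"},          0.6, "root_on_dmz"),
    "e4_db_exploit": ({"root_on_dmz"},          0.5, "root_on_db"),
}
INITIAL = {"attacker_on_internet": 1.0}   # conditions the attacker starts with

def likelihoods(exploits, initial):
    """Return {node: cumulative likelihood} for every condition and exploit."""
    enabling = {}                          # condition -> exploits that yield it
    for name, (_, _, post) in exploits.items():
        enabling.setdefault(post, []).append(name)

    @lru_cache(maxsize=None)
    def cond(c):
        if c in initial:
            return initial[c]
        fail = 1.0                         # probability that no enabling exploit works
        for e in enabling.get(c, []):
            fail *= 1.0 - expl(e)
        return 0.0 if c not in enabling else 1.0 - fail

    @lru_cache(maxsize=None)
    def expl(e):
        pres, p, _ = exploits[e]
        for c in pres:                     # all preconditions must hold (AND)
            p *= cond(c)
        return p

    out = {c: cond(c) for c in set(initial) | set(enabling)}
    out.update({e: expl(e) for e in exploits})
    return out

def mitigation_ranking(exploits, initial, goal):
    """Risk reduction at `goal` from removing each exploit on its own, best first."""
    base = likelihoods(exploits, initial).get(goal, 0.0)
    ranking = []
    for e in exploits:
        remaining = {k: v for k, v in exploits.items() if k != e}
        ranking.append((e, base - likelihoods(remaining, initial).get(goal, 0.0)))
    return base, sorted(ranking, key=lambda t: -t[1])
```

With these inputs the goal root_on_db has likelihood 0.258, and patching e3 or e4 (each a single point on the only path to the goal) removes all of it, while patching the weaker e2 barely changes the metric.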
Copyright information
© 2017 Springer International Publishing AG
Cite this chapter
Singhal, A., Ou, X. (2017). Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs. In: Network Security Metrics. Springer, Cham. https://doi.org/10.1007/978-3-319-66505-4_3
DOI: https://doi.org/10.1007/978-3-319-66505-4_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-66504-7
Online ISBN: 978-3-319-66505-4