Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Foundations and Practice of Security

FPS 2012: Foundations and Practice of Security pp 357–364Cite as

Towards Modelling Adaptive Attacker’s Behaviour

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7743))

Abstract

We describe our model for the behaviour of an attacker. In the model, the attacker has uncertain knowledge about a computer system. Moreover, the attacker tries different attack paths if initially selected ones cannot be completed. The model allows finer-grained analysis of the security of computer systems. The model is based on Markov Decision Processes theory for predicting possible attacker’s decisions.

This work was partly supported by EU-FP7-ICT NESSoS and 295354 SESAMO projects.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE TIT 29, 198–208 (1983)

    MathSciNet  MATH  Google Scholar 

  2. Gallon, L., Bascou, J.-J.: Cvss attack graphs. In: SITIS (2011)

    Google Scholar 

  3. Krautsevich, L., Martinelli, F., Yautsiukhin, A.: Formal Analysis of Security Metrics and Risk. In: Ardagna, C.A., Zhou, J. (eds.) WISTP 2011. LNCS, vol. 6633, pp. 304–319. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  4. LeMay, E., Ford, M.D., Keefe, K., Sanders, W.H., Muehrcke, C.: Model-based security metrics using adversary view security evaluation (advise). In: QEST (2011)

    Google Scholar 

  5. Marchignoli, D., Martinelli, F.: Automatic Verification of Cryptographic Protocols through Compositional Analysis Techniques. In: Cleaveland, W.R. (ed.) TACAS/ETAPS 1999. LNCS, vol. 1579, pp. 148–162. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  6. Mitchell, J.C., Ramanathan, A., Scedrovb, A., Teaguea, V.: A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols. TCS 353, 118–164 (2006)

    Article  MATH  Google Scholar 

  7. Mitnik, K.D., Simon, W.L.: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers. Wiley (2005)

    Google Scholar 

  8. Pettersen, Y.N.: Renego patched servers: A long-term interoperability time bomb brewing (July 20, 2012), http://my.opera.com/yngve/blog/2010/06/02/renego-patched-servers-a-long-term-interoperability-time-bomb-brewing

  9. Puterman, M.L.: Markov Decision Processes Discrete Stochastic Dynamic Programming. Wiley-Interscience (2005)

    Google Scholar 

  10. Sarraute, C., Buffet, O., Hoffmann, J.: Pomdps make better hackers: Accounting for uncertainty in penetration testing. In: AAAI (2012)

    Google Scholar 

  11. Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: IEEE SSP, pp. 273–284 (2002)

    Google Scholar 

  12. Wang, L., Liu, A., Jajodia, S.: Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts. CC 29, 2917–2933 (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Pisa, Largo B. Pontecorvo 3, Pisa, 56127, Italy

    Leanid Krautsevich

  2. Istituto di Informatica e Telematica, Consiglio Nazionale delle Ricerche, Via G. Moruzzi 1, Pisa, 56124, Italy

    Leanid Krautsevich, Fabio Martinelli & Artsiom Yautsiukhin

Authors
  1. Leanid Krautsevich
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fabio Martinelli
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Artsiom Yautsiukhin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. TELECOM SudParis, 9 rue Charles Fourier, 91011, Evry, CEDEX, France

    Joaquin Garcia-Alfaro

  2. TELECOM Bretagne, 2 rue de la Châtaigneraie, 35512, Cesson Sévigné, CEDEX, France

    Frédéric Cuppens  & Nora Cuppens-Boulahia  & 

  3. Ryerson University, 245 Church Street, M5B 2K3, Toronto, ON, Canada

    Ali Miri

  4. Université Laval, 1065 avenue de la médecine, G1V 0A6, Quebec, Canada

    Nadia Tawbi

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Krautsevich, L., Martinelli, F., Yautsiukhin, A. (2013). Towards Modelling Adaptive Attacker’s Behaviour. In: Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., Miri, A., Tawbi, N. (eds) Foundations and Practice of Security. FPS 2012. Lecture Notes in Computer Science, vol 7743. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37119-6_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-37119-6_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-37118-9

  • Online ISBN: 978-3-642-37119-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation