A Framework for Analysis A Network Vulnerability


Tito Waluyo Purboyo 1, Kuspriyanto 2
1,2 School of Electrical Engineering & Informatics, Institut Teknologi Bandung, Jl. Ganesha 10 Bandung 40132, Indonesia

Abstract: Administrators must rely on labour-intensive processes for tracking network configurations and vulnerabilities, which require a lot of expertise and are error prone. Vulnerabilities and their interdependencies are so complex that traditional vulnerability analysis becomes inadequate. Decision-support capability lets analysts make trade-offs between security and optimum availability, and explains how best to apply limited security resources. Recent work in network security has focused on the fact that a combination of exploits is the typical way in which an intruder breaks network security. Researchers have proposed various algorithms to generate graph-based attack trees (or graphs). In this paper, a framework, architecture and approach to Analysis are presented.

Keywords:, Analysis, Attack, Attack Graph, Analysis

1. INTRODUCTION

While we cannot predict the origin and the time of attacks, we can reduce their impact by knowing the possible attack paths through the network. Reliance on manual processes and mental models is inadequate. Automated tools are needed for analysing and visualizing vulnerability dependencies and attack paths, and for understanding the overall security posture [1].

Attack graphs are constructed by starting an adversary at a given network location and, using information about the network topology and host vulnerabilities, examining how the attacker can progressively compromise vulnerable hosts that are reachable from already compromised hosts. Vulnerability scanners and analyses of the filtering performed by firewalls and routers are used to obtain information about host vulnerabilities and to determine host-to-host reachability in a network.

Almost all approaches have a method of generating recommendations to patch critical vulnerabilities or to make firewalls more restrictive. In addition, most of the existing implementations provide some type of attack graph display. However, the abstract nature of attack graphs has proven to be a serious practical weakness in creating an effective display [2].

Recently, many methods have been proposed to analyse the vulnerabilities in a network of hosts. One significant method is attack graph analysis [1,2,3]. The attack graph depicts the attack paths of a potential attacker, because a determined attacker is likely to penetrate deeper into the network by exploiting a chain of vulnerabilities. There are several methods to generate attack graphs. At first, attack graphs were produced manually by Red Teams. Later, the model-checking tool NuSMV and the TVA (Topological Vulnerability Analysis) tool were introduced to generate attack graphs automatically [3].

Administrators face major challenges when confronted with software vulnerabilities on the hosts of the network. With the number of vulnerabilities found each year growing rapidly, it is not possible for system administrators to keep the software running on their networks free of security bugs. One of the everyday tasks of a system administrator is to read bug reports from various sources (such as CERT, bugtraq etc.) and understand which reported bugs are real security vulnerabilities in the context of their own network. When new vulnerabilities appear, assessing their impact on network security is important for choosing the right countermeasures: patch and reboot, reconfigure the firewall, dismount the file-server partition, and so on [5].

In Section II we will discuss the framework, approach and model for vulnerability analysis.

2. FRAMEWORK, APPROACH, MODEL FOR VULNERABILITY ANALYSIS

In this section, we will discuss some frameworks, approaches and models for vulnerability analysis.
2.1 Topological Vulnerability Analysis (TVA)

Figure 1 is an overview of the approach to constructing and analysing attack graphs through TVA. Network data is fetched to build a model of the network, particularly with respect to the relevant security attributes. The vulnerability database is a comprehensive repository of reported vulnerabilities, with each vulnerability record listing the affected software (and hardware). Exploit conditions encode how each vulnerability can be exploited (preconditions) and the results of exploitation (postconditions). Fetching network data means collecting data for the network that is being maintained, in the form of the corresponding elements in the database and the exploit conditions. Together, these inputs are used to build an environment model for multi-stage attack graph simulation [1].

Volume 2, Issue 4 July August 2013 Page 405

Figure 1 Topological Vulnerability Analysis (TVA) [1]

The model is used by the Environmental Graphics Engine to simulate multi-step attacks through the network, for attack scenarios defined by the user. The engine analyses vulnerability dependencies, matching exploit preconditions and postconditions, and thus generates all possible paths through the network (for a given attack scenario). The system then provides advanced capabilities for interactive visual analysis of attack graphs. It also calculates optimal countermeasures, for example the minimum number of network changes needed to thwart an attack scenario.

2.2 System architecture of NetSPA tool

The NetSPA system is composed of several software components. Importers, written in Perl, are responsible for reading raw data such as Nessus scans, firewall rule sets and NVD database records (NVD 2007), and for converting the data into a custom binary file format for later use.

Figure 2 System architecture of NetSPA tool [2]

A small program (written in C) acts as a vulnerability classifier. This program is designed to identify a vulnerability's locality (remote or local access) and effect (whether root, user, DoS, or other privilege level is provided). This program uses a pattern-matching algorithm that has been trained on a sample vulnerability data set. The classifier was built using the freely available LNKNet tool. The engine, written in C++, is responsible for computing reachability, generating attack graphs, and analysing the graphs to generate recommendations. The engine reads the network model from the custom binary file produced by the importer. The block diagram in Figure 1 gives an overview of the design of the NetSPA system [2].

2.3 Architecture of intelligent vulnerability analysis model

An attack graph is a state transition diagram which depicts the ways in which attackers can exploit known vulnerabilities to achieve a desired state. The architecture of the intelligent vulnerability analysis model is illustrated in Figure 3.

Figure 3 Architecture of intelligent vulnerability analysis model [3]

The architecture (Figure 3) contains three modules. The vulnerability scanning module scans the hosts in the network. The vulnerability classification module classifies the vulnerability patterns found in the scanning report into two types, application vulnerabilities and misconfiguration vulnerabilities, and the classified vulnerability information is input into the deduction engine as fact files. The deduction engine module generates atomic attacks and attack graphs [3].

Figure 4 Fragment of Deduction Engine [3]

Figure 4 is a fragment of the deduction engine. The Prolog language is used to simulate the behaviour of the attacker's intrusion, and a set of Prolog rules is introduced. Compared to algorithms written in C or Java, Prolog rules are more concise. Fact files from the vulnerability classification module and rule files from the security knowledge library are input into the deduction engine. According to the target query in the automated interactive interface, the GNU Prolog interpreter can automatically generate atomic attacks and attack graphs [3].

2.4 Framework for Efficient Analysis

The framework for Efficient Analysis is shown in Figure 5. The framework is very similar to the MulVAL framework [5]. The differences between these two frameworks are mainly the extended security policies input to the system and the interaction between the attack graph and the analysis engine.

Figure 5 Framework for Efficient Analysis [4]

For Windows XP, Saha [4] uses the rules provided by Netra, and for SELinux he uses the rules provided by PAL. The attack graph is shown to the user in the uDraw(Graph) environment. uDraw(Graph) is freely available graph viewing software with various abstraction functions to hide, view or zoom graphs or parts of them, which are exposed to the user for easy navigation and viewing of attack graphs. It also takes graph input in Prolog term format, which is easy to generate in a Prolog environment. It exposes hooks which can be used to define user-defined functions on events. He uses its API to present customized menu functionality for various analyses on attack graphs, and has used these features to add interactive functionality to the attack graph. The user can select fact nodes, delete or undelete them, and see the effects on the attack graph. Based on user options, the changes made in the graphical environment can affect the actual network and hosts, or can temporarily affect the facts that exist in the Prolog environment without affecting the actual configuration. The user of the system can see the effect first and then decide to push the changes to the actual network [4].

3. ATTACK GRAPH GENERATION

Attack graphs play a vital role in network security, because they directly indicate the existence of vulnerabilities in the network and how attackers use those vulnerabilities to implement an effective attack. Analysis of the attack graph, or simulation of dynamic attacks through the attack graph, can help us easily figure out the vulnerabilities in the network and take the corresponding security measures to reinforce network security.

As far as we know, not all attackers aim to control the target networks. In satellite communication networks, for example, it is really hard to get privileges promoted; account cheating and waste of resources are more effective attacks. Taking network performance into consideration, we introduce loss of performance into the attack graph status and define it as a Virtual Performance Node [6].

In [6], Zhao et al. propose a new method for generating attack graphs, based on the Virtual Performance Nodes (VPNs) mentioned above.

Algorithm: AG_Generation(H, R, s0)
Input: host attributes (H), attack rules (R), initial status (s0)
Output: attack graph AG
Begin
Step 1. Build the network status queue, named status_que, and add s0 to it.
Step 2. Pick the next status from status_que. Go to step 3 if this status hasn't been dealt with, or quit.
Step 3.
  a) Take every host as attack source and every host as attack target, one pair at a time.
  b) If the value in the Link Matrix for these two hosts (which may be the same host) is 1, check the Attack Rules and identify the eligible attack rules.
  c) Execute every attack under these rules, generating a new status each time. If the new status does not exist in status_que, add it to the queue.
  d) Generate Graphviz code to plot the attack edge and nodes from the previous status to the new status. The probability of this attack can also be determined from the attack rules.
  e) Go to step 2 after every host has been tried.
End
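The AG_Generation steps above, written out in Python as an added example (not code from the paper or from [6]). The hosts, vulnerability labels, rules and probabilities are constructed sample data; `goal_probability` and `what_if_remove` are hypothetical helpers, the latter mirroring the delete/undelete of fact nodes described in Section 2.4 by removing one vulnerability at a time and regenerating the graph.

```python
from collections import deque, namedtuple

# A rule needs `src_priv` on the source host and `vuln` on the target host and
# yields `gain` on the target with probability `prob`; `local` rules need src == dst.
Rule = namedtuple("Rule", "name src_priv vuln gain prob local")

# --- Constructed sample input (hypothetical hosts, labels and probabilities) ---
HOSTS = {  # host attributes H: vulnerabilities present on each host
    "internet": set(),
    "web": {"http_rce", "ftp_rce", "local_privesc"},
    "db": {"db_weak_auth"},
}
LINK = {  # Link Matrix: 1 means src can reach dst; the diagonal covers local attacks
    "internet": {"internet": 1, "web": 1, "db": 0},
    "web": {"internet": 1, "web": 1, "db": 1},
    "db": {"internet": 0, "web": 1, "db": 1},
}
RULES = [  # attack rules R
    Rule("http_exploit", "user", "http_rce", "user", 0.8, False),
    Rule("ftp_exploit", "user", "ftp_rce", "user", 0.4, False),
    Rule("privesc", "user", "local_privesc", "root", 0.5, True),
    Rule("db_login", "root", "db_weak_auth", "user", 0.6, False),
]
S0 = frozenset({("internet", "user")})  # initial status s0: privileges held
GOAL = ("db", "user")                   # asset the defender wants to protect


def eligible(rule, status, src, dst, hosts):
    """Step 3b: can `rule` fire from src against dst in this status?"""
    return (rule.local == (src == dst)
            and (src, rule.src_priv) in status
            and rule.vuln in hosts[dst]
            and (dst, rule.gain) not in status)


def ag_generation(hosts, link, rules, s0):
    """Steps 1-3: return (ids, edges); edges are (from_id, to_id, label, prob)."""
    s0 = frozenset(s0)
    ids = {s0: 0}                # every status ever placed in status_que
    status_que = deque([s0])     # Step 1
    edges = []
    while status_que:            # Step 2: quit when nothing is left to process
        status = status_que.popleft()
        for src in hosts:        # Step 3a: every (source, target) pair
            for dst in hosts:
                if link[src][dst] != 1:
                    continue
                for rule in rules:
                    if not eligible(rule, status, src, dst, hosts):
                        continue
                    new = status | {(dst, rule.gain)}      # Step 3c
                    if new not in ids:
                        ids[new] = len(ids)
                        status_que.append(new)
                    edges.append((ids[status], ids[new],
                                  f"{rule.name} {src}->{dst}", rule.prob))
    return ids, edges


def to_dot(ids, edges):
    """Step 3d: Graphviz source for the generated attack graph."""
    out = ["digraph AG {"]
    for status, n in ids.items():
        label = ", ".join(f"{h}:{p}" for h, p in sorted(status))
        out.append(f'  s{n} [label="{label}"];')
    for a, b, label, prob in edges:
        out.append(f'  s{a} -> s{b} [label="{label} (p={prob})"];')
    return "\n".join(out + ["}"])


def goal_probability(ids, edges, goal):
    """Probability of the most likely path to a status containing `goal` (0.0 if none)."""
    best = {0: 1.0}
    for a, b, _, prob in sorted(edges):   # statuses only grow, so from_id < to_id
        if a in best:
            best[b] = max(best.get(b, 0.0), best[a] * prob)
    return max((best[n] for s, n in ids.items() if goal in s and n in best), default=0.0)


def what_if_remove(hosts, link, rules, s0, goal):
    """Single vulnerabilities whose removal (patching) makes `goal` unreachable."""
    blocking = []
    for host, vulns in hosts.items():
        for vuln in sorted(vulns):
            trimmed = {h: v - {vuln} if h == host else v for h, v in hosts.items()}
            ids, edges = ag_generation(trimmed, link, rules, s0)
            if goal_probability(ids, edges, goal) == 0.0:
                blocking.append((host, vuln))
    return blocking


if __name__ == "__main__":
    ids, edges = ag_generation(HOSTS, LINK, RULES, S0)
    print(to_dot(ids, edges))
    print("most likely path to goal:", goal_probability(ids, edges, GOAL))
    print("single fixes that block the goal:", what_if_remove(HOSTS, LINK, RULES, S0, GOAL))
```

On the sample data, patching either of the two remote web vulnerabilities alone leaves the goal reachable through the other, while removing the local privilege escalation on the web host or the weak database authentication cuts every path.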

Figure 6 Architecture of network graph generation [7]

In [7], Zhong et al. explain that after gathering the information about the network, they are able to generate a description of the hosts. Together with the attack rule library and the attacker profiles given by the network security analyst, the attack-graph generator is able to generate an attack graph of the network through the algorithm described in Figure 7. Figure 6 shows the architecture of this system.

Figure 7 Algorithm to generate attack graph [7]

The nodes in an attack graph generated by the above algorithm represent the hosts in the network. The attack graph contains the attack routes from the attacker host to all the victims. The condition in line 7 of the algorithm guarantees that there are no loops in the attack graph and that each attack route is the shortest route. That is, each attack route in the attack graph is the shortest route from the attacker's host to the victim host.

4. THE PROPOSED FRAMEWORK

In the studies conducted until now, we proposed a new framework that can be seen in Figure 8.

Figure 8 The Proposed Framework for Analysis A (diagram labels: Asset, Firewall Rules, Topology, Extractor, Model, Attack Graph Generator, Attack Graph Reducer, Evaluator, Hardener, Optimal Hardening)

The proposed framework will be implemented using software that will be developed by the researchers. An explanation of the network data can be seen in Figure 9.

Figure 9 The Source of (diagram labels: OVAL, McAfee Foundscan, Symantec Discovery, Nessus, Retina, Asset, Asset Inventory, Altiris, Firewall Rule, Checkpoint, Topology, Secure, Sidewinder, Reachability, IP, base, NVD, Connectivity, Adjacency, CVE, OSVDB)

A simulation study implementing our framework will be carried out in the next paper.

5. Conclusion

This paper discussed some of the frameworks, architectures and approaches for analyzing the vulnerability of computer networks.

Attack graphs provide a powerful way to understand the context and the relative importance of vulnerabilities in systems and networks. Attack graph analysis depends on a complete and accurate model of the network. Such models are usually built using data from network (remote) vulnerability scanners such as Nessus. However, remote scanning has a fundamental limitation on the information available about the target host. Our future work is to improve the framework and to develop a model for vulnerability analysis including the metrics in [8, 11, 12, 13]. The simulation study will also be improved in our next paper.

References

[1] S. Noel, M. Elder, S. Jajodia, P. Kalapa, S. O'Hare, K. Prole, Advances in Topological Analysis, IEEE CATCH
[2] L. Williams, R. Lippmann, K. Ingols, An Interactive Attack Graph Cascade and Reachability Display, VIZSEC
[3] W. Yi, X. Jinghua, An Intelligent Model for Analysis Using Attack Graph, International Forum on Information Technology and Application,
[4] D. Saha, Extending Logical Attack Graphs for Efficient Analysis, CCS 08, Alexandria, Virginia, USA, October 27-31, ACM
[5] X. Ou, S. Govindavajhala, A.W. Appel, MulVAL: A Logic-based Analyzer, In SSYM 05: Proceedings of the 14th conference on USENIX Symposium, pages 8-8, Berkeley, CA, USA,
[6] Y. Zhao, Z. Wang, X. Zhang, J. Zheng, An Improved Algorithm for Generation of Attack Graph Based on Virtual Performance Node, International Conference on Multimedia Information ing and,
[7] S. Zhong, D. Yan, C. Liu, Automatic Generation of Host-based Attack Graph, World Congress on Computer Science and Information Engineering,
[8] T.W. Purboyo, B. Rahardjo, Kuspriyanto, I.M. Alamsyah, A New Metrics for Predicting Level, Journal of Global Research in Computer Science, Volume 3, No. 3, March
[9] T.W. Purboyo, B. Rahardjo, Kuspriyanto, Metrics: A Brief Survey, 2011 International Conference on Instrumentation, Communication, Information Technology and Biomedical Engineering, Bandung, Indonesia, 8-9 November
[10] Irawati, T.W. Purboyo, Developing Computer Program for Computing Eigen pairs of 2x2 Matrices and 3x3 Upper Triangular Matrices Using The Simple Algorithm, Far East Journal of Mathematical Sciences (FJMS), Volume 56, Issue 2, p , September
[11] T.W. Purboyo, Kuspriyanto, New Non Path Metrics for Evaluating Based on, International Journal of Computer Science Issue, Volume 9, Issue 4, July
[12] T.W. Purboyo, Kuspriyanto, Attack Graph Based Metrics: State of The Art, International Journal of Science and Engineering Investigations, Volume 1, Issue 7, August
[13] T.W. Purboyo, Kuspriyanto, Some Algorithm for Generating Attack Graph, International Journal of Advanced Research in Computer Science and Software Engineering, Volume 2, Issue 8, August 2012.

AUTHORS

Tito Waluyo Purboyo is currently a Ph.D. student at Institut Teknologi Bandung since August He received his Master's degree in mathematics from Institut Teknologi Bandung in He is currently a research assistant at Department of Computer Engineering, School of Electrical Engineering and Informatics, Institut Teknologi Bandung. His research interests include security, cryptography, physics and mathematics.

Kuspriyanto is Professor of Computer Engineering at Institut Teknologi Bandung. He received his D.E.A. in Automatic System (1979) from USTL France and Ph.D. in Automatic System (1981) from the same university. He is working as a lecturer in Computer Engineering Department, School of Electrical Engineering and Informatics, Institut Teknologi Bandung, Indonesia. His fields of interest include network security, neural networks, genetic algorithms, robotics, real-time systems etc.


More information

A Review of Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems

A Review of Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems A Review of Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems Trupti Dange 1, Pankaj Bhalerao 2 1 Professor, Department of Computer Engineering, RMD Sinhgad School of

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

Foundstone ERS remediation System

Foundstone ERS remediation System Expediting Incident Response with Foundstone ERS Foundstone Inc. August, 2003 Enterprise Risk Solutions Platform Supports Successful Response and Remediation Introduction The Foundstone Enterprise Risk

More information

Cyber Security RFP Template

Cyber Security RFP Template About this document This RFP template was created to help IT security personnel make an informed decision when choosing a cyber security solution. In this template you will find categories for initial

More information

WHITE PAPER. An Introduction to Network- Vulnerability Testing

WHITE PAPER. An Introduction to Network- Vulnerability Testing An Introduction to Network- Vulnerability Testing C ONTENTS + Introduction 3 + Penetration-Testing Overview 3 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and

More information

Information Technology Career Field Pathways and Course Structure

Information Technology Career Field Pathways and Course Structure Information Technology Career Field Pathways and Course Structure Courses in Information Support and Services (N0) Computer Hardware 2 145025 Computer Software 145030 Networking 2 145035 Network Operating

More information

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

ITEC441- IS Security. Chapter 15 Performing a Penetration Test 1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and

More information

An Introduction to Network Vulnerability Testing

An Introduction to Network Vulnerability Testing CONTENTS Introduction 3 Penetration Testing Overview 4 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and Delivering Results 6 VeriSign SecureTEST 7 Common Vulnerability

More information

ISSN : 2347-7385. Asian Journal of Engineering and Technology Innovation 02 (05) 2014 (05-09) QR Code for Mobile users

ISSN : 2347-7385. Asian Journal of Engineering and Technology Innovation 02 (05) 2014 (05-09) QR Code for Mobile users ISSN : 2347-7385 Received on: 01-10-2014 Accepted on: 10-10-2014 Published on: 22-10-2014 Mehul Das Dept. of computerscience Dr.D.Y. PatilInsti. Of Engg. & Tech., Pune Email: Mehuldas3@gmail.com Vikram.jaygude20@gmail.com

More information

Distributed Computing and Big Data: Hadoop and MapReduce

Distributed Computing and Big Data: Hadoop and MapReduce Distributed Computing and Big Data: Hadoop and MapReduce Bill Keenan, Director Terry Heinze, Architect Thomson Reuters Research & Development Agenda R&D Overview Hadoop and MapReduce Overview Use Case:

More information

Penetration Test Report

Penetration Test Report Penetration Test Report Acme Test Company ACMEIT System 26 th November 2010 Executive Summary Info-Assure Ltd was engaged by Acme Test Company to perform an IT Health Check (ITHC) on the ACMEIT System

More information

Network Attack Platform

Network Attack Platform Design and Implementation of a Network Attack Platform Based on Plug-in Technology Li Gen, Wang Bailing *, Liu Yang, Bai Xuefeng and Yuan Xinling Department of Computer Science & Technology Harbin Institute

More information

QSec: Supporting Security Decisions on an IT Infrastructure

QSec: Supporting Security Decisions on an IT Infrastructure QSec: Supporting Security Decisions on an IT Infrastructure [F.Baiardi, F.Tonelli, F.Corò] 1 and L.Guidi 2 1 Dipartimento di Informatica, Università di Pisa 2 ENEL Engineering and Research SpA, Pisa, Italy

More information

Redhawk Network Security, LLC 62958 Layton Ave., Suite One, Bend, OR 97701 sales@redhawksecurity.com 866-605- 6328 www.redhawksecurity.

Redhawk Network Security, LLC 62958 Layton Ave., Suite One, Bend, OR 97701 sales@redhawksecurity.com 866-605- 6328 www.redhawksecurity. Planning Guide for Penetration Testing John Pelley, CISSP, ISSAP, MBCI Long seen as a Payment Card Industry (PCI) best practice, penetration testing has become a requirement for PCI 3.1 effective July

More information

International Journal of Advancements in Research & Technology, Volume 3, Issue 4, April-2014 55 ISSN 2278-7763

International Journal of Advancements in Research & Technology, Volume 3, Issue 4, April-2014 55 ISSN 2278-7763 International Journal of Advancements in Research & Technology, Volume 3, Issue 4, April-2014 55 Management of Wireless sensor networks using cloud technology Dipankar Mishra, Department of Electronics,

More information

How To Understand and Configure Your Network for IntraVUE

How To Understand and Configure Your Network for IntraVUE How To Understand and Configure Your Network for IntraVUE Summary This document attempts to standardize the methods used to configure Intrauve in situations where there is little or no understanding of

More information

System Specification. Author: CMU Team

System Specification. Author: CMU Team System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect

More information

Validating and Restoring Defense in Depth Using Attack Graphs

Validating and Restoring Defense in Depth Using Attack Graphs Validating and Restoring efense in epth Using Attack Graphs Richard Lippmann, Kyle Ingols, hris Scott, Keith Piwowarski, Kendra Kratkiewicz, Mike Artz, Robert unningham MIT Lincoln Laboratory 244 Wood

More information

Keywords Vulnerability Scanner, Vulnerability assessment, computer security, host security, network security, detecting security flaws, port scanning.

Keywords Vulnerability Scanner, Vulnerability assessment, computer security, host security, network security, detecting security flaws, port scanning. Volume 4, Issue 12, December 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com A Network

More information

Information Security Attack Tree Modeling for Enhancing Student Learning

Information Security Attack Tree Modeling for Enhancing Student Learning Information Security Attack Tree Modeling for Enhancing Student Learning Jidé B. Odubiyi, Computer Science Department Bowie State University, Bowie, MD and Casey W. O Brien, Network Technology Department

More information

A MODIFIED NICE MECHANISM WITH DISTRIBUTED HOST-BASED IDS (D-HIDS) SYSTEM

A MODIFIED NICE MECHANISM WITH DISTRIBUTED HOST-BASED IDS (D-HIDS) SYSTEM International Journal of scientific research and management (IJSRM) Volume 2 Issue 4 Pages 732-737 2013 Website: www.ijsrm.in ISSN (e): 2321-3418 A MODIFIED NICE MECHANISM WITH DISTRIBUTED HOST-BASED IDS

More information

Essential Considerations for Penetration test result presentation

Essential Considerations for Penetration test result presentation Essential Considerations for Penetration test result presentation Carlos Ramos 1), Tai-hoon Kim 2) Abstract A penetration test is usually performed to uncover technical weaknesses in a computer installation.

More information

Efficiently Managing Firewall Conflicting Policies

Efficiently Managing Firewall Conflicting Policies Efficiently Managing Firewall Conflicting Policies 1 K.Raghavendra swamy, 2 B.Prashant 1 Final M Tech Student, 2 Associate professor, Dept of Computer Science and Engineering 12, Eluru College of Engineeering

More information

Total Protection for Compliance: Unified IT Policy Auditing

Total Protection for Compliance: Unified IT Policy Auditing Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

Proof of Concept. A New Data Validation Technique for Microsoft ASP.NET Web Applications. Foundstone Professional Services

Proof of Concept. A New Data Validation Technique for Microsoft ASP.NET Web Applications. Foundstone Professional Services Proof of Concept A New Data Validation Technique for Microsoft ASP.NET Web Applications Foundstone Professional Services February 2005 Introduction Despite significant awareness of security issues like

More information

Implementation of Botcatch for Identifying Bot Infected Hosts

Implementation of Botcatch for Identifying Bot Infected Hosts Implementation of Botcatch for Identifying Bot Infected Hosts GRADUATE PROJECT REPORT Submitted to the Faculty of The School of Engineering & Computing Sciences Texas A&M University-Corpus Christi Corpus

More information

A Practical Approach to Threat Modeling

A Practical Approach to Threat Modeling A Practical Approach to Threat Modeling Tom Olzak March 2006 Today s security management efforts are based on risk management principles. In other words, security resources are applied to vulnerabilities

More information

AN OVERVIEW OF VULNERABILITY SCANNERS

AN OVERVIEW OF VULNERABILITY SCANNERS AN OVERVIEW OF VULNERABILITY SCANNERS February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole

More information

Technique of Data Visualization: Example of Network Topology Display for Security Monitoring

Technique of Data Visualization: Example of Network Topology Display for Security Monitoring Technique of Data Visualization: Example of Network Topology Display for Security Monitoring Maxim Kolomeec, Andrey Chechulin, Anton Pronoza, and Igor Kotenko Laboratory of Computer Security Problems St.

More information

Software Application Control and SDLC

Software Application Control and SDLC Software Application Control and SDLC Albert J. Marcella, Jr., Ph.D., CISA, CISM 1 The most effective way to achieve secure software is for its development life cycle processes to rigorously conform to

More information

strategic white paper

strategic white paper strategic white paper AUTOMATED PLANNING FOR REMOTE PENETRATION TESTING Lloyd Greenwald and Robert Shanley LGS Innovations / Bell Labs Florham Park, NJ US In this work we consider the problem of automatically

More information

Risk Evaluation by Vulnerability Detection Tools for IT Department of the Royal Thai Army

Risk Evaluation by Vulnerability Detection Tools for IT Department of the Royal Thai Army Risk Evaluation by Vulnerability Detection Tools for IT Department of the Royal Thai Army ANIWAT HEMANIDHI SANONCHIMMANEE PARINYA SANGUANSAT Facultyof Faculty of Faculty of Information Technology Information

More information

A Review of Anomaly Detection Techniques in Network Intrusion Detection System

A Review of Anomaly Detection Techniques in Network Intrusion Detection System A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In

More information

Chapter 5 TOPOLOGICAL ANALYSIS OF NETWORK ATTACK VULNERABILITY 1. INTRODUCTION

Chapter 5 TOPOLOGICAL ANALYSIS OF NETWORK ATTACK VULNERABILITY 1. INTRODUCTION Chapter 5 TOPOLOGICAL ANALYSIS OF NETWORK ATTACK VULNERABILITY Sushil Jaodia, Steven Noel, Brian O Berry Center for Secure Information Systems, George Mason University Abstract: Key words: To understand

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

A Biologically Inspired Approach to Network Vulnerability Identification

A Biologically Inspired Approach to Network Vulnerability Identification A Biologically Inspired Approach to Network Vulnerability Identification Evolving CNO Strategies for CND Todd Hughes, Aron Rubin, Andrew Cortese,, Harris Zebrowitz Senior Member, Engineering Staff Advanced

More information

Attack Graph based Evaluation of Network Security

Attack Graph based Evaluation of Network Security Attack Graph based Evaluation of Network Security Igor Kotenko and Mikhail Stepashkin SPIIRAS, 39, 14 Liniya, St.-Petersburg, 199178, Russia {ivkote, stepashkin}@comsec.spb.ru Abstract. The perspective

More information

Cyberspace Forensics Readiness and Security Awareness Model

Cyberspace Forensics Readiness and Security Awareness Model Cyberspace Forensics Readiness and Security Awareness Model Aadil Al-Mahrouqi Sameh Abdalla Tahar Kechadi Abstract The goal of reaching a high level of security in wire- less and wired communication networks

More information

About Effective Penetration Testing Methodology

About Effective Penetration Testing Methodology 보안공학연구논문지 (Journal of Security Engineering), 제 5권 제 5호 2008년 10월 About Effective Penetration Testing Methodology Byeong-Ho KANG 1) Abstract Penetration testing is one of the oldest methods for assessing

More information

EECS PhD Comprehensive Examination Guidelines

EECS PhD Comprehensive Examination Guidelines EECS PhD Comprehensive Examination Guidelines EECS Graduate and Research Committee Graduate students accepted in the EECS doctoral program may take comprehensive exam as early as the last semester of their

More information

Component visualization methods for large legacy software in C/C++

Component visualization methods for large legacy software in C/C++ Annales Mathematicae et Informaticae 44 (2015) pp. 23 33 http://ami.ektf.hu Component visualization methods for large legacy software in C/C++ Máté Cserép a, Dániel Krupp b a Eötvös Loránd University mcserep@caesar.elte.hu

More information

TECHNICAL NOTE 08/04 IINTRODUCTION TO VULNERABILITY ASSESSMENT TOOLS

TECHNICAL NOTE 08/04 IINTRODUCTION TO VULNERABILITY ASSESSMENT TOOLS TECHNICAL NOTE 08/04 IINTRODUCTION TO VULNERABILITY ASSESSMENT TOOLS 1 OCTOBER 2004 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor

More information

PSG College of Technology, Coimbatore-641 004 Department of Computer & Information Sciences BSc (CT) G1 & G2 Sixth Semester PROJECT DETAILS.

PSG College of Technology, Coimbatore-641 004 Department of Computer & Information Sciences BSc (CT) G1 & G2 Sixth Semester PROJECT DETAILS. PSG College of Technology, Coimbatore-641 004 Department of Computer & Information Sciences BSc (CT) G1 & G2 Sixth Semester PROJECT DETAILS Project Project Title Area of Abstract No Specialization 1. Software

More information

Vulnerability assessment tools

Vulnerability assessment tools 5 Vulnerability assessment tools 5.1 Introduction The vulnerabilities and exploitable flaws in the software or hardware of a computer system give individuals, who are aware of these flaws, the opportunity

More information

Toward Measuring Network Security Using Attack Graphs

Toward Measuring Network Security Using Attack Graphs Toward Measuring Network Security Using Attack Graphs Lingyu Wang Concordia Institute for Information Systems Engineering Concordia University Montreal, QC H3G 1M8, Canada wang@ciise.concordia.ca Anoop

More information

User s Guide. Skybox Risk Control 7.0.0. Revision: 11

User s Guide. Skybox Risk Control 7.0.0. Revision: 11 User s Guide Skybox Risk Control 7.0.0 Revision: 11 Copyright 2002-2014 Skybox Security, Inc. All rights reserved. This documentation contains proprietary information belonging to Skybox Security and is

More information

The Importance of Vulnerability Assessment For Your Organisation

The Importance of Vulnerability Assessment For Your Organisation RCS Newsletter January 2011 Vulnerability Assessment Fitting it into your Increasing incidents of automated attacks on information systems Automated attacks on information systems, and especially attacks

More information

A Study on the Security aspects of Network System Using Penetration Testing

A Study on the Security aspects of Network System Using Penetration Testing A Study on the Security aspects of Network System Using Penetration Testing 1 Shwetabh Suman, 2 Vedant Rastogi 1,2 Institute of Engineering and Technology, Alwar, India 1 shwetabhsuman13@gmail.com 2 vedantnoki@gmail.com

More information

CyberNEXS Global Services

CyberNEXS Global Services CyberNEXS Global Services CYBERSECURITY A cyber training, exercising, competition and certification product for maximizing the cyber skills of your workforce The Cyber Network EXercise System CyberNEXS

More information

Viewfinity Privilege Management Integration with Microsoft System Center Configuration Manager. By Dwain Kinghorn

Viewfinity Privilege Management Integration with Microsoft System Center Configuration Manager. By Dwain Kinghorn 4 0 0 T o t t e n P o n d R o a d W a l t h a m, M A 0 2 4 5 1 7 8 1. 8 1 0. 4 3 2 0 w w w. v i e w f i n i t y. c o m Viewfinity Privilege Management Integration with Microsoft System Center Configuration

More information

Data Driven Assessment of Cyber Risk:

Data Driven Assessment of Cyber Risk: Data Driven Assessment of Cyber Risk: Challenges in Assessing and Mitigating Cyber Risk Mustaque Ahamad, Saby Mitra and Paul Royal Georgia Tech InformationSecurity Center Georgia Tech Research Institute

More information