POMPDs Make Better Hackers: Accounting for Uncertainty in Penetration Testing. By: Chris Abbott

Save this PDF as:
Size: px
Start display at page:

Download "POMPDs Make Better Hackers: Accounting for Uncertainty in Penetration Testing. By: Chris Abbott"

Transcription

1 POMPDs Make Better Hackers: Accounting for Uncertainty in Penetration Testing By: Chris Abbott

2 Introduction What is penetration testing? Methodology for assessing network security, by generating and executing possible attacks exploiting know vulnerabilities of Operating Systems and applications. Why Allows for regular and systematic testing without a prohibitive amount of human labor. More accessible to non-experts

3 Introduction Attack Planning How to automatically generate attacks? Very technical, addresses the low-level system configuration details. Commercial Software Core Insight Enterprise Does not handle uncertainty (SW upgrades, etc) Difficult to keep updated

4 Introduction COTS : Attack Planning Encoded using PDDL, using a variant of Metric-FF. Uncertainty Limited by ability to handle Cannot be up-to-date with details of configuration of every machine in the network

5 Introduction Scanning: Addresses machine configuration Scanning methods as a pre-process to planning Drawbacks: Incurs significant costs in terms of running time, network traffic Scans have a residual uncertainty

6 Introduction This paper proposes solutions to: A solution to scanning run time A solution to scanning uncertainty

7 Introduction Incomplete Knowledge: Encode uncertainty of state Modeling the possible network configurations in terms of a probability distribution

8 Introduction Scans and Exploits: Are deterministic (outcome depends only on the state they are executed in) Rewards: Negative rewards encode the cost The duration Positive rewards encode the value of targets attained

9 Introduction POMDPs fail to scale to large networks Input model grows exponentially in the number of machines

10 Introduction Networks are viewed as graphs Vertices are fully-connected subnetworks Arcs encode the connections between these, filtered by firewalls Graph is decomposed into biconnected components

11 Introduction We approximate the attacks on these components by combining attacks on individual subnetworks We approx this by combining attacks on individual machines Attacks on individual machines are modeled and solved as POMDPs Solutions are propagated back up

12 Preliminaries Network Structure Viewed as directed graphs whose vertices are given by the set M of machines Arcs are connections between pairs of m M Network graphs tends to consist of subnetworks (i.e. clusters)

13 Preliminaries Penetration Testing: Impossible to keep track of all the configuration details

14 Preliminaries POMDPs: Define as a tuple <S,A,0,T,O,r,b0> states S, actions A, Observations 0, reward r Transition function T, Observation function O Agent must find a decision at each step, based on past observations, in order to maximize reward Agent reasons about hidden state of system using a belief state b, a prob distribution over S

15 POMDP Model States: Network Structure and Firewall filtering rules are static POMDP variables that encode these aspects. Pre-processed and not included in the model

16 POMDP Model States: Capture the status of each machine Controlled, reached, not reached Terminal state Giving up the attack State space is huge S = O( C ^ M ) Will run POMDPs on single machines M =1

17 POMDP Model Actions: Two main types Scans: gains knowledge about configuration OS detection, ports Exploits: make use of a vulnerability to gain control over a machine Buffer overflow

18 POMDP Model Rewards: Reward depends on the scan/exploit action r(s, a, s' ) = re (s, a, s' ) + rt (a) + rd (a) re is the value of the attacked machine exploit rt is a cost that depends on the action's duration rd is a cost that reflects the risk of detection

19 POMDP Model Designing the Initial Belief: Initial belief is a concrete configuration Future belief: Knowledge of network depends on previous Uncertainty arises from software updates Encoded in terms of Markov chain

20 4AL Decomposition Algorithm Overview: 4AL algorithm using decomposition and approximation POMDPs do not scale to large networks POMDPs used only to attack individual machines Is a POMDP solver specialized to attack planning Input: a logical network and POMDP model encoding attacks on individual machines Output: policy for the global POMDP encoding

21 4AL Decomposition Algorithm Level 1: Decompose the logical network into a tree of biconnected components More than one path to attack a subnetwork

22 4AL Decomposition Algorithm Level 2: Given a component C, for each rewarded subnetwork N C, all paths in C that reach N Considers individual attack paths within C Any single path P is a sequence of attacks on individual subnetworks

23 4AL Decomposition Algorithm Level 3: Given subnetwork N and a firewall F through which to attack N, for each machine m N Approximate the reward for attacking m first After breaking m we are behind F

24 4AL Decomposition Algorithm Level 4: Given machine m and a firewall F Model a single-machine attack planning problem as a POMDP Has low-order polynomial runtime

25 Experiments Test Scenario: Composed of three areas: exposed, sensitive and user

26 Experiments Approximation Loss Relative loss of quality when running 4AL instead of a global POMDP solution (a) Attack quality comparison. (b) Runtime of 4AL.

27 Experiments Scaling Up Scaling up to larger values of M shows that 4AL is polynomial Scaling to larger values of E yields more challenging single-machine POMDPs, resulting in steep growth of runtime.

28 Conclusion Devised a POMDP Model that represents Incomplete knowledge about the network configuration Dependencies between different attack possibilities and firewalls. Intelligently mix scans with exploits While accurate Decomposition algorithm, with small loss in quality

POMDPs Make Better Hackers: Accounting for Uncertainty in Penetration Testing

POMDPs Make Better Hackers: Accounting for Uncertainty in Penetration Testing POMDPs Make Better Hackers: Accounting for Uncertainty in Penetration Testing Carlos Sarraute Core Security & ITBA Buenos Aires, Argentina carlos@coresecurity.com Olivier Buffet INRIA Nancy, France buffet@loria.fr

More information

Some Research Directions in Automated Pentesting

Some Research Directions in Automated Pentesting Carlos Sarraute Research Directions in Automated Pentesting 1/50 Some Research Directions in Automated Pentesting Carlos Sarraute CoreLabs & ITBA PhD program Buenos Aires, Argentina H2HC October 29/30,

More information

Penetration Testing == POMDP Solving?

Penetration Testing == POMDP Solving? Penetration Testing == POMDP Solving? Carlos Sarraute Core Security Technologies & ITBA Buenos Aires, Argentina carlos@coresecurity.com Olivier Buffet and Jörg Hoffmann INRIA Nancy, France {olivier.buffet,joerg.hoffmann}@loria.fr

More information

Penetration Testing == POMDP Solving?

Penetration Testing == POMDP Solving? Penetration Testing == POMDP Solving? Carlos Sarraute Core Security Technologies & ITBA Buenos Aires, Argentina carlos@coresecurity.com Olivier Buffet and Jörg Hoffmann INRIA Nancy, France {olivier.buffet,joerg.hoffmann}@loria.fr

More information

Attack Graph Techniques

Attack Graph Techniques Chapter 2 Attack Graph Techniques 2.1 An example scenario Modern attack-graph techniques can automatically discover all possible ways an attacker can compromise an enterprise network by analyzing configuration

More information

Decomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces

Decomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces Software Engineering, Lecture 4 Decomposition into suitable parts Cross cutting concerns Design patterns I will also give an example scenario that you are supposed to analyse and make synthesis from The

More information

Network Mission Assurance

Network Mission Assurance Network Mission Assurance Michael F. Junod, Patrick A. Muckelbauer, PhD, Todd C. Hughes, PhD, Julius M. Etzl, and James E. Denny Lockheed Martin Advanced Technology Laboratories Camden, NJ 08102 {mjunod,pmuckelb,thughes,jetzl,jdenny}@atl.lmco.com

More information

Passing PCI Compliance How to Address the Application Security Mandates

Passing PCI Compliance How to Address the Application Security Mandates Passing PCI Compliance How to Address the Application Security Mandates The Payment Card Industry Data Security Standards includes several requirements that mandate security at the application layer. These

More information

A Simple Guide to Successful. Penetration Testing

A Simple Guide to Successful. Penetration Testing A Simple Guide to Successful Penetration Testing Table of Contents Penetration Testing, Simplified. Scanning is Not Testing. Test Well. Test Often. Pen Test to Avoid a Mess. Six-phase Methodology. A Few

More information

strategic white paper

strategic white paper strategic white paper AUTOMATED PLANNING FOR REMOTE PENETRATION TESTING Lloyd Greenwald and Robert Shanley LGS Innovations / Bell Labs Florham Park, NJ US In this work we consider the problem of automatically

More information

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities Learning Objectives Name the common categories of vulnerabilities Discuss common system

More information

Web application security: automated scanning versus manual penetration testing.

Web application security: automated scanning versus manual penetration testing. Web application security White paper January 2008 Web application security: automated scanning versus manual penetration testing. Danny Allan, strategic research analyst, IBM Software Group Page 2 Contents

More information

TIME TO LIVE ON THE NETWORK

TIME TO LIVE ON THE NETWORK TIME TO LIVE ON THE NETWORK Executive Summary This experiment tests to see how well commonly used computer platforms withstand Internet attacks in the wild. The experiment quantifies the amount of time

More information

Secure Web Application Coding Team Introductory Meeting December 1, 2005 1:00 2:00PM Bits & Pieces Room, Sansom West Room 306 Agenda

Secure Web Application Coding Team Introductory Meeting December 1, 2005 1:00 2:00PM Bits & Pieces Room, Sansom West Room 306 Agenda Secure Web Application Coding Team Introductory Meeting December 1, 2005 1:00 2:00PM Bits & Pieces Room, Sansom West Room 306 Agenda 1. Introductions for new members (5 minutes) 2. Name of group 3. Current

More information

1. Nondeterministically guess a solution (called a certificate) 2. Check whether the solution solves the problem (called verification)

1. Nondeterministically guess a solution (called a certificate) 2. Check whether the solution solves the problem (called verification) Some N P problems Computer scientists have studied many N P problems, that is, problems that can be solved nondeterministically in polynomial time. Traditionally complexity question are studied as languages:

More information

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process Complete Web Application Security Phase1-Building Web Application Security into Your Development Process Table of Contents Introduction 3 Thinking of security as a process 4 The Development Life Cycle

More information

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION Table of Contents Executive Summary...3 Vulnerability Scanners Alone Are Not Enough...3 Real-Time Change Configuration Notification is the

More information

ensuring security the way how we do it

ensuring security the way how we do it ensuring security the way how we do it HUSTEF, 2015.11.18 Attila Tóth 1 Nokia Solutions and Networks 2014 Disclaimer The ideas, processes, tools are presented from a practitioner s point of view working

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Security Scanning Procedures Version 1.1 Release: September 2006 Table of Contents Purpose...1 Introduction...1 Scope of PCI Security Scanning...1 Scanning

More information

Transparent Monitoring of a Process Self in a Virtual Environment

Transparent Monitoring of a Process Self in a Virtual Environment Transparent Monitoring of a Process Self in a Virtual Environment PhD Lunchtime Seminar Università di Pisa 24 Giugno 2008 Outline Background Process Self Attacks Against the Self Dynamic and Static Analysis

More information

Cyber Security Modeling and Assessment of SCADA System Architectures

Cyber Security Modeling and Assessment of SCADA System Architectures Cyber Security Modeling and Assessment of SCADA System Architectures Mathias Ekstedt, Associate Professor Teodor Sommestad Hannes Holm Industrial Information and Control Systems KTH Royal Institute of

More information

Cyber R &D Research Roundtable

Cyber R &D Research Roundtable Cyber R &D Research Roundtable 2 May 2013 N A T I O N A L S E C U R I T Y E N E R G Y & E N V I R O N M E N T H E A L T H C Y B E R S E C U R I T Y Changing Environment Rapidly Evolving Threat Changes

More information

Penetration Testing //Vulnerability Assessment //Remedy

Penetration Testing //Vulnerability Assessment //Remedy A Division Penetration Testing //Vulnerability Assessment //Remedy In Penetration Testing, part of a security assessment practice attempts to simulate the techniques adopted by an attacker in compromising

More information

What a Vulnerability Assessment Scanner Can t Tell You. Leveraging Network Context to Prioritize Remediation Efforts and Identify Options

What a Vulnerability Assessment Scanner Can t Tell You. Leveraging Network Context to Prioritize Remediation Efforts and Identify Options White paper What a Vulnerability Assessment Scanner Can t Tell You Leveraging Network Context to Prioritize Remediation Efforts and Identify Options november 2011 WHITE PAPER RedSeal Networks, Inc. 3965

More information

Kirsten Sinclair SyntheSys Systems Engineers

Kirsten Sinclair SyntheSys Systems Engineers Kirsten Sinclair SyntheSys Systems Engineers Kirsten Sinclair SyntheSys Systems Engineers Spicing-up IBM s Enterprise Architecture tools with Petri Nets On Today s Menu Appetiser: Background Starter: Use

More information

IBM Global Technology Services Statement of Work. for. IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing

IBM Global Technology Services Statement of Work. for. IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing IBM Global Technology Services Statement of Work for IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing The information in this Statement of Work may not be disclosed

More information

8 Steps for Network Security Protection

8 Steps for Network Security Protection 8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because

More information

8 Steps For Network Security Protection

8 Steps For Network Security Protection 8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their

More information

A Practical Approach to Threat Modeling

A Practical Approach to Threat Modeling A Practical Approach to Threat Modeling Tom Olzak March 2006 Today s security management efforts are based on risk management principles. In other words, security resources are applied to vulnerabilities

More information

IQware's Approach to Software and IT security Issues

IQware's Approach to Software and IT security Issues IQware's Approach to Software and IT security Issues The Need for Security Security is essential in business intelligence (BI) systems since they have access to critical and proprietary enterprise information.

More information

Model, Analyze and Optimize the Supply Chain

Model, Analyze and Optimize the Supply Chain Model, Analyze and Optimize the Supply Chain Optimize networks Improve product flow Right-size inventory Simulate service Balance production Optimize routes The Leading Supply Chain Design and Analysis

More information

CS52600: Information Security

CS52600: Information Security CS18000: Programming I CS52600: Information Security Vulnerability Analysis 15 November 2010 Prof. Chris Clifton Vulnerability Analysis Vulnerability: Lapse in enforcement enabling violation of security

More information

Intro to Firewalls. Summary

Intro to Firewalls. Summary Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer

More information

PCI DSS v3.0 Vulnerability & Penetration Testing

PCI DSS v3.0 Vulnerability & Penetration Testing 6.6 For public-facing web applications, address new threats and vulnerabilities on an ongoing basis and ensure these applications are protected against known attacks by either of the following methods:

More information

THE ROLE OF IDS & ADS IN NETWORK SECURITY

THE ROLE OF IDS & ADS IN NETWORK SECURITY THE ROLE OF IDS & ADS IN NETWORK SECURITY The Role of IDS & ADS in Network Security When it comes to security, most networks today are like an egg: hard on the outside, gooey in the middle. Once a hacker

More information

Directory and File Transfer Services. Chapter 7

Directory and File Transfer Services. Chapter 7 Directory and File Transfer Services Chapter 7 Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems Identify major

More information

System Specification. Author: CMU Team

System Specification. Author: CMU Team System Specification Author: CMU Team Date: 09/23/2005 Table of Contents: 1. Introduction...2 1.1. Enhancement of vulnerability scanning tools reports 2 1.2. Intelligent monitoring of traffic to detect

More information

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming 1 Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming Hussain M.J. Almohri, Member, IEEE, Layne T. Watson, Danfeng (Daphne) Yao, Member, IEEE and Xinming

More information

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems Course: Information Security Management in e-governance Day 1 Session 5: Securing Data and Operating systems Agenda Introduction to information, data and database systems Information security risks surrounding

More information

FINAL DoIT 11.03.2015 - v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES

FINAL DoIT 11.03.2015 - v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES Purpose: The Department of Information Technology (DoIT) is committed to developing secure applications. DoIT s System Development Methodology (SDM) and Application Development requirements ensure that

More information

G- Cloud Specialist Cloud Services. Security and Penetration Testing. Overview

G- Cloud Specialist Cloud Services. Security and Penetration Testing. Overview Description C Service Overview G- Cloud Specialist Cloud Services Security and Penetration Testing This document provides a description of TVS s Security and Penetration Testing Service offered under the

More information

Network & Agent Based Intrusion Detection Systems

Network & Agent Based Intrusion Detection Systems Network & Agent Based Intrusion Detection Systems Hakan Albag TU Munich, Dep. of Computer Science Exchange Student Istanbul Tech. Uni., Dep. Of Comp. Engineering Abstract. The following document is focused

More information

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing Introduction ManTech Project Manager Mark Shaw, Senior Executive Director Cyber Security Solutions Division

More information

PERFORMANCE TOOLS DEVELOPMENTS

PERFORMANCE TOOLS DEVELOPMENTS PERFORMANCE TOOLS DEVELOPMENTS Roberto A. Vitillo presented by Paolo Calafiura & Wim Lavrijsen Lawrence Berkeley National Laboratory Future computing in particle physics, 16 June 2011 1 LINUX PERFORMANCE

More information

SAST, DAST and Vulnerability Assessments, 1+1+1 = 4

SAST, DAST and Vulnerability Assessments, 1+1+1 = 4 SAST, DAST and Vulnerability Assessments, 1+1+1 = 4 Gordon MacKay Digital Defense, Inc. Chris Wysopal Veracode Session ID: Session Classification: ASEC-W25 Intermediate AGENDA Risk Management Challenges

More information

A Biologically Inspired Approach to Network Vulnerability Identification

A Biologically Inspired Approach to Network Vulnerability Identification A Biologically Inspired Approach to Network Vulnerability Identification Evolving CNO Strategies for CND Todd Hughes, Aron Rubin, Andrew Cortese,, Harris Zebrowitz Senior Member, Engineering Staff Advanced

More information

Application Firewall Overview. Published: February 2007 For the latest information, please see http://www.microsoft.com/iag

Application Firewall Overview. Published: February 2007 For the latest information, please see http://www.microsoft.com/iag Application Firewall Overview Published: February 2007 For the latest information, please see http://www.microsoft.com/iag Contents IAG Application Firewall: An Overview... 1 Features and Benefits... 2

More information

Penetration tests Risk of security loopholes in IT networks

Penetration tests Risk of security loopholes in IT networks Penetration tests Risk of security loopholes in IT networks Penetration tests Risk of security loopholes in IT networks Unauthorized access to the systems and data of your company, loss of expertise, and

More information

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24 Introduction to Computer Networks Lecture24 Network security (continued) Key distribution Secure Shell Overview Authentication Practical issues Firewalls Denial of Service Attacks Definition Examples Key

More information

Course Title: Penetration Testing: Security Analysis

Course Title: Penetration Testing: Security Analysis Course Title: Penetration Testing: Security Analysis Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced

More information

PCI Security Scan Procedures. Version 1.0 December 2004

PCI Security Scan Procedures. Version 1.0 December 2004 PCI Security Scan Procedures Version 1.0 December 2004 Disclaimer The Payment Card Industry (PCI) is to be used as a guideline for all entities that store, process, or transmit Visa cardholder data conducting

More information

Bayesian networks - Time-series models - Apache Spark & Scala

Bayesian networks - Time-series models - Apache Spark & Scala Bayesian networks - Time-series models - Apache Spark & Scala Dr John Sandiford, CTO Bayes Server Data Science London Meetup - November 2014 1 Contents Introduction Bayesian networks Latent variables Anomaly

More information

An Application of Machine Learning to Network Intrusion Detection

An Application of Machine Learning to Network Intrusion Detection An Application of Machine Learning to Network Intrusion Detection Chris Sinclair Applied Research Laboratories The University of Texas at Austin sinclair@arlututexasedu Lyn Pierce epierce@arlututexasedu

More information

13 Ways Through A Firewall

13 Ways Through A Firewall Industrial Control Systems Joint Working Group 2012 Fall Meeting 13 Ways Through A Firewall Andrew Ginter Director of Industrial Security Waterfall Security Solutions Proprietary Information -- Copyright

More information

Anti-Virus Power Consumption Trial

Anti-Virus Power Consumption Trial Anti-Virus Power Consumption Trial Executive Summary Open Market Place (OMP) ISSUE 1.0 2014 Lockheed Martin UK Integrated Systems & Solutions Limited. All rights reserved. No part of this publication may

More information

Network security (Part II): Can we do a better job? "

Network security (Part II): Can we do a better job? Network security (Part II): Can we do a better job? Rattikorn Hewett Outline State of the practices Drawbacks and Issues A proposed alternative NSF SFS Workshop August 14-18, 2014 2 Computer Network Computer

More information

Making your web application. White paper - August 2014. secure

Making your web application. White paper - August 2014. secure Making your web application White paper - August 2014 secure User Acceptance Tests Test Case Execution Quality Definition Test Design Test Plan Test Case Development Table of Contents Introduction 1 Why

More information

Development of a Network Intrusion Detection System

Development of a Network Intrusion Detection System Development of a Network Intrusion Detection System (I): Agent-based Design (FLC1) (ii): Detection Algorithm (FLC2) Supervisor: Dr. Korris Chung Please visit my personal homepage www.comp.polyu.edu.hk/~cskchung/fyp04-05/

More information

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT ADDING NETWORK INTELLIGENCE INTRODUCTION Vulnerability management is crucial to network security. Not only are known vulnerabilities propagating dramatically, but so is their severity and complexity. Organizations

More information

Compact Representations and Approximations for Compuation in Games

Compact Representations and Approximations for Compuation in Games Compact Representations and Approximations for Compuation in Games Kevin Swersky April 23, 2008 Abstract Compact representations have recently been developed as a way of both encoding the strategic interactions

More information

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning

More information

What is Web Security? Motivation

What is Web Security? Motivation brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web

More information

Web App Security Audit Services

Web App Security Audit Services locuz.com Professional Services Web App Security Audit Services The unsecured world today Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System

More information

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,

More information

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming 1 Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming Hussain M.J. Almohri, Member, IEEE, Layne T. Watson Fellow, IEEE, Danfeng (Daphne) Yao, Member, IEEE

More information

Fuzzy Network Profiling for Intrusion Detection

Fuzzy Network Profiling for Intrusion Detection Fuzzy Network Profiling for Intrusion Detection John E. Dickerson (jedicker@iastate.edu) and Julie A. Dickerson (julied@iastate.edu) Electrical and Computer Engineering Department Iowa State University

More information

locuz.com Professional Services Security Audit Services

locuz.com Professional Services Security Audit Services locuz.com Professional Services Security Audit Services Today s Security Landscape Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System layer.

More information

A Vague Improved Markov Model Approach for Web Page Prediction

A Vague Improved Markov Model Approach for Web Page Prediction A Vague Improved Markov Model Approach for Web Page Prediction ABSTRACT Priya Bajaj and Supriya Raheja Department of Computer Science & Engineering, ITM University Gurgaon, Haryana 122001, India Today

More information

Software Supply Chains: Another Bug Bites the Dust.

Software Supply Chains: Another Bug Bites the Dust. SESSION ID: STR-T08 Software Supply Chains: Another Bug Bites the Dust. Todd Inskeep 1 Global Security Assessments VP Samsung Business Services @Todd_Inskeep Series of Recent, Large, Long-term Security

More information

Threat Modeling. Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE UNIVERSITEIT LEUVEN

Threat Modeling. Frank Piessens (Frank.Piessens@cs.kuleuven.be ) KATHOLIEKE UNIVERSITEIT LEUVEN Threat Modeling Frank Piessens (Frank.Piessens@cs.kuleuven.be ) Secappdev 2007 1 Overview Introduction Key Concepts Threats, Vulnerabilities, Countermeasures Example Microsoft s Threat Modeling Process

More information

Chapter 4 DECISION ANALYSIS

Chapter 4 DECISION ANALYSIS ASW/QMB-Ch.04 3/8/01 10:35 AM Page 96 Chapter 4 DECISION ANALYSIS CONTENTS 4.1 PROBLEM FORMULATION Influence Diagrams Payoff Tables Decision Trees 4.2 DECISION MAKING WITHOUT PROBABILITIES Optimistic Approach

More information

Software Active Online Monitoring Under. Anticipatory Semantics

Software Active Online Monitoring Under. Anticipatory Semantics Software Active Online Monitoring Under Anticipatory Semantics Changzhi Zhao, Wei Dong, Ji Wang, Zhichang Qi National Laboratory for Parallel and Distributed Processing P.R.China 7/21/2009 Overview Software

More information

Real-time hybrid analysis:

Real-time hybrid analysis: Real-time hybrid : Find more, fix faster Technology white paper Brian Chess, Ph.D., Distinguished Technologist, HP Founder and Chief Scientist, HP Fortify Summary Real-time hybrid marks a substantial evolution

More information

CRYPTUS DIPLOMA IN IT SECURITY

CRYPTUS DIPLOMA IN IT SECURITY CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information

More information

Measuring the Performance of an Agent

Measuring the Performance of an Agent 25 Measuring the Performance of an Agent The rational agent that we are aiming at should be successful in the task it is performing To assess the success we need to have a performance measure What is rational

More information

arxiv:1306.4040v1 [cs.cr] 17 Jun 2013

arxiv:1306.4040v1 [cs.cr] 17 Jun 2013 An Algorithm to Find Optimal Attack Paths in Nondeterministic Scenarios Carlos Sarraute Core Security Technologies and ITBA Buenos Aires, Argentina carlos@corest.com Gerardo Richarte Core Security Technologies

More information

PASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013

PASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013 2013 PASTA Abstract Process for Attack S imulation & Threat Assessment Abstract VerSprite, LLC Copyright 2013 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

More information

On the Deficiencies of Active Network Discovery Systems

On the Deficiencies of Active Network Discovery Systems On the Deficiencies of Active Network Discovery Systems Ofir Arkin Chief Technology Officer Insightix Copyright 2012 - All Rights Reserved. This material is proprietary of Insightix. Any unauthorized

More information

Information Security Attack Tree Modeling for Enhancing Student Learning

Information Security Attack Tree Modeling for Enhancing Student Learning Information Security Attack Tree Modeling for Enhancing Student Learning Jidé B. Odubiyi, Computer Science Department Bowie State University, Bowie, MD and Casey W. O Brien, Network Technology Department

More information

Modelling cyber-threats in the Airport domain: a case study from the SECONOMICS project. Alessandra Tedeschi, Deep Blue S.r.

Modelling cyber-threats in the Airport domain: a case study from the SECONOMICS project. Alessandra Tedeschi, Deep Blue S.r. Modelling cyber-threats in the Airport domain: a case study from the SECONOMICS project Alessandra Tedeschi, Deep Blue S.r.L, Rome, Italy Project overview SECONOMICS is a 36 months project funded in the

More information

Using Web Security Scanners to Detect Vulnerabilities in Web Services

Using Web Security Scanners to Detect Vulnerabilities in Web Services DSN 2009 Using Web Security Scanners to Detect Vulnerabilities in Web Services Marco Vieira,, Henrique Madeira {mvieira, nmsa, henrique}@dei.uc.pt CISUC Department of Informatics Engineering University

More information

Computational Sciences and Engineering Division 2. Computer Science & Mathematics Division

Computational Sciences and Engineering Division 2. Computer Science & Mathematics Division Distributed Intrusion Detection and Attack Containment for Organizational Cyber Security Stephen G. Batsell 1, Nageswara S. Rao 2, Mallikarjun Shankar 1 1 Computational Sciences and Engineering Division

More information

F5 Silverline Web Application Firewall Onboarding: Technical Note

F5 Silverline Web Application Firewall Onboarding: Technical Note F5 Silverline Web Application Firewall Onboarding: Technical Note F5 Silverline Web Application Firewall Onboarding With organizations transitioning application workloads to the cloud, traditional centralized

More information

INTRODUCTION: PENETRATION TEST A BUSINESS PERSPECTIVE:

INTRODUCTION: PENETRATION TEST A BUSINESS PERSPECTIVE: PENETRATION TESTING A SYSTEMATIC APPROACH INTRODUCTION: The basic idea behind writing this article was to put forward a systematic approach that needs to be followed to perform a successful penetration

More information

Architecture of distributed network processors: specifics of application in information security systems

Architecture of distributed network processors: specifics of application in information security systems Architecture of distributed network processors: specifics of application in information security systems V.Zaborovsky, Politechnical University, Sait-Petersburg, Russia vlad@neva.ru 1. Introduction Modern

More information

Using Nessus In Web Application Vulnerability Assessments

Using Nessus In Web Application Vulnerability Assessments Using Nessus In Web Application Vulnerability Assessments Paul Asadoorian Product Evangelist Tenable Network Security pasadoorian@tenablesecurity.com About Tenable Nessus vulnerability scanner, ProfessionalFeed

More information

Decision Trees and Networks

Decision Trees and Networks Lecture 21: Uncertainty 6 Today s Lecture Victor R. Lesser CMPSCI 683 Fall 2010 Decision Trees and Networks Decision Trees A decision tree is an explicit representation of all the possible scenarios from

More information

How To. Instreamer to Exstreamer connection. Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection. How To 1.

How To. Instreamer to Exstreamer connection. Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection. How To 1. Instreamer to Exstreamer connection Project Name: Document Type: Document Revision: Instreamer to Exstreamer connection 1.11 Date: 06.03.2013 2013 Barix AG, all rights reserved. All information is subject

More information

White Paper. Managing Risk to Sensitive Data with SecureSphere

White Paper. Managing Risk to Sensitive Data with SecureSphere Managing Risk to Sensitive Data with SecureSphere White Paper Sensitive information is typically scattered across heterogeneous systems throughout various physical locations around the globe. The rate

More information

Scheduling Home Health Care with Separating Benders Cuts in Decision Diagrams

Scheduling Home Health Care with Separating Benders Cuts in Decision Diagrams Scheduling Home Health Care with Separating Benders Cuts in Decision Diagrams André Ciré University of Toronto John Hooker Carnegie Mellon University INFORMS 2014 Home Health Care Home health care delivery

More information

Running A Fully Controlled Windows Desktop Environment with Application Whitelisting

Running A Fully Controlled Windows Desktop Environment with Application Whitelisting Running A Fully Controlled Windows Desktop Environment with Application Whitelisting By: Brien M. Posey, Microsoft MVP Published: June 2008 About the Author: Brien M. Posey, MCSE, is a Microsoft Most Valuable

More information

Network Machine Learning Research Group. Intended status: Informational October 19, 2015 Expires: April 21, 2016

Network Machine Learning Research Group. Intended status: Informational October 19, 2015 Expires: April 21, 2016 Network Machine Learning Research Group S. Jiang Internet-Draft Huawei Technologies Co., Ltd Intended status: Informational October 19, 2015 Expires: April 21, 2016 Abstract Network Machine Learning draft-jiang-nmlrg-network-machine-learning-00

More information

Telecom Equipment Assurance Testing

Telecom Equipment Assurance Testing Telecom Equipment Assurance Testing T.V.Prabhakar, Gopi Krishna S Garge, Indian Institute of Science Bangalore Agenda Overview of the TETC Security Testing & requirements Security Standards? Is there a

More information

Firewalls (IPTABLES)

Firewalls (IPTABLES) Firewalls (IPTABLES) Objectives Understand the technical essentials of firewalls. Realize the limitations and capabilities of firewalls. To be familiar with iptables firewall. Introduction: In the context

More information

Symantec Endpoint Protection Analyzer Report

Symantec Endpoint Protection Analyzer Report Symantec Endpoint Protection Analyzer Report For Symantec Customer Table of Contents Statement of Confidentiality... 3 1. Introduction... 4 2. Environmental Analysis Overview... 5 2.1 Findings Overview...

More information

IMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY MONITORING

IMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY MONITORING IMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY How runtime application security monitoring helps enterprises make smarter decisions on remediation 2 ABSTRACT Enterprises today

More information

Network Security and Risk Analysis Using Attack Graphs

Network Security and Risk Analysis Using Attack Graphs Network Security and Risk Analysis Using Attack Graphs Anoop Singhal National Institute of Standards and Technology Coauthors: Lingyu Wang and Sushil Jajodia Concordia University George Mason University

More information

Copyright 2006. Watchfire Corporation. All Rights Reserved.

Copyright 2006. Watchfire Corporation. All Rights Reserved. AppScan Frequently Asked Technical Questions 1. How is AppScan different from other web application scanners? (p. 2) 2. How do I know if I ve covered all of my applications? (p. 3) 3. How is AppScan different

More information

Web Site Visit Forecasting Using Data Mining Techniques

Web Site Visit Forecasting Using Data Mining Techniques Web Site Visit Forecasting Using Data Mining Techniques Chandana Napagoda Abstract: Data mining is a technique which is used for identifying relationships between various large amounts of data in many

More information