In this work, SDN has been utilized to alleviate and eliminate the problem of ARP poisoning attack. This attack is the underlying infrastructure for many other network attacks, such as man in the middle, denial of service and session hijacking. In this paper we propose a new algorithm to resolve the problem of ARP spoofing. The algorithm can be applied in two different scenarios. The two scenarios...
Our team is currently developing an Automated Cyber Red Teaming system that, when given a model-based capture of an organisation’s network, uses automated planning techniques to generate and assess multi-stage attacks. Specific to this paper, we discuss our development of the visual analytic component of this system. Through various views that display network attacks paths at different levels of abstraction,...
Protecting network-accessible resources from unauthorized use requires understanding of network vulnerability. Building attack models as chains of vulnerability exploits by an attacker can help locate flaws to prevent attacks. This paper presents an approach to automatically analyzing security attack models called exploit-based analysis. By using knowledge about exploitability of network vulnerabilities...
Utilizing computer aided security risk assessment, administrators can apperceive network security situation quickly and take countermeasures effectively. Most assessment methods disregard the dependencies among services, lack the evaluation against indirect risks, and seldom mention the composition of multiple source risks. Regarding the above problems, an assessment method that based on service dependency...
Traditional methods for evaluating network security neglect the correlation of network vulnerabilities. To solve this problem, a method based on Colored Petri Net (CPN) modeling is presented. Potential attack sequences are built according to the correlation of network vulnerabilities. The weakness and key paths can be found through analyzing the attack sequences. Simulation results show that the proposed...
As network components are often highly interdependent and interconnected, an adversary outside can take advantage of multiple vulnerabilities in unexpected ways, incrementally penetrate a network and compromise critical systems. Attack graph is commonly used for analyzing network security level for its capability in reflecting all network vulnerabilities and their inter relationships. However, attack...
A quantitative risk evaluation method for network security is proposed based on analyzing the process that attackers intrude network. The analysis depends on modeling attack activities and attack processes by tracking the transferring of safety states. Three key factors of risk evaluation about assets, threats and vulnerabilities are identified and quantified. Especially the attack probability indexes...
To address the scalability problem in attack graphs generation, we propose a novel method to generate attack graphs automatically. Our approach constructs a two-tier attack graph framework, which includes a host access graph and some sub-attack graphs. A sub-attack graph describes concrete attack scenarios from one source host to one target host, while the host access graph describes the attacker's...
The compact attack graphs implicitly reveal the threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromising given critical resources in enterprise networks with thousands of hosts. For security analysts, the challenge is how to analyze the complex attack graphs with possible ten thousands of nodes for defending the security of network. In the...
Attack graph plays an important role in network security, as it directly shows the existence of vulnerabilities in network and how attackers use these vulnerabilities to implement an effective attack, the analysis on the attack graph or the simulation of dynamic attacks through attack graph can help us easily find out the vulnerabilities in network, and take corresponding security measures, in order...
In order to assess the security of network information system, many graph-based approaches have been proposed. Attack Graph is the most influential one. But attack graphs grow exponentially with the size of the network. In this paper, we propose an improved access graph based model to analyze network security. As a complement to the attack graph approach, the access graph is host-centric approach,...
Going beyond vulnerability scanning tools that make lists of known vulnerabilities locating on given individual hosts, attack graphs identify all possible attack paths that end in a state where an attacker has successfully achieved his goal. But the algorithmic complexity grows exponential in the size of the network. The access graph is proposed as a complement to the attack graph approach which is...
Resource-constraint nature of wireless sensor network (WSN) makes the security issue certainly a big challenge. An efficient key management scheme is the pre-requisite to ensure security in WSN. In this paper we present a secured key management protocol (SecCOSEN) adopted on COSEN, a chain oriented sensor network, which is used for periodic data collection. SecCOSEN uses partial key pre-distribution...
In order to improve the overall security of networks, a method of making strategies for network hardening based on global attack graphs is proposed. This method calculates the reachability of network states by using a global attack graph firstly, and then the security loss of network states and the criticality of security elements are got. Security elements are removed based on the rule of maximum-criticality-first...
In recent years, organizations have been shifting focus to their core business competencies, and reducing total cost of ownership (TCO) associated with training and management of their IT infrastructure. In the same motif, organizations are establishing security and survivability frameworks as an integral part of their business strategy so as to provide an acceptable quality-of-service for their clients...