Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, October 15 • 4:00pm - 5:00pm
Aggregate Attack Graphs from Real-World Vulnerability Definitions

Sign up or log in to save this to your schedule and see who's attending!

An attack graph is a bipartite set consisting of vertices that represent either vulnerabilities or logical conditions, and directed edges that represent pre- and post-conditions of exploit. An attack graph is often used to comprise multi-step attacks on a given network and thereby make the security of that network amenable to graphical analyses. We mitigate two limitations of attack graphs regarding application to real networks. By doing so, we are able to 1) develop attack graphs that encompass the entire NVD database, providing coverage comparable to that from a vulnerability scanner and 2) form longitudinal judgments of the hardness of networks that feature realistic provisioning and thereby provide decision support for IT provisioning. The first limitation in applying attack graphs to real networks is that the pre- and post-conditions that are necessary to chain vulnerabilities are generated by hand because these are not part of standard vulnerability definitions. We demonstrate a semi-automated method to populate attack graph vertices from NVD definitions and to group these vertices into supernodes. Conditions are annotated for only these supernodes, such that the manual effort to annotate conditions is minimized. The second limitation is that an attack graph represents a single configuration of a network and the results of any analysis of this graph apply specifically to this configuration. In the real world, network configurations change daily but provisioning decisions are made in the long term. We extend the attack graph concept to support aggregation across configurations.

Speakers
CS

Caleb Severn

Caleb Severn is a PhD student in computer science and works in the Applied Research Laboratory at the Pennsylvania State University. In addition to basic research in network simulation and evaluation, Caleb performs data collection and modeling of supply chain security. Over the previous decade, Caleb worked in control networks and industrial security.


Thursday October 15, 2015 4:00pm - 5:00pm
Presidents Hall 2 The Penn Stater Conference Center Hotel

Attendees (7)