Published: July 31, 2013
Author(s)
Massimiliano Albanese, Sushil Jajodia, Anoop Singhal, Lingyu Wang
Conference
Name: 2013 International Conference on Security and Cryptography (SECRYPT)
Dates: 07/29/2013 - 07/31/2013
Location: Reykjavik, Iceland
Citation: E-Business and Telecommunications: International Joint Conference, ICETE 2013, Reykjavik, Iceland, July 29-31, 2013, Revised Selected Papers, vol. 456, pp. 322-340
Computer systems are vulnerable to both known and zero-day attacks. Although known attack patterns can be easily modeled, thus enabling the definition of suitable hardening strategies, handling zero-day vulnerabilities is inherently difficult due to their unpredictable nature. Previous research has attempted to assess the risk associated with unknown attack patterns, and a metric to quantify such risk, the k-zero-day safety metric, has been defined. However, existing algorithms for computing this metric are not scalable, and assume that complete zero-day attack graphs have been generated, which may be unfeasible in practice for large networks. In this paper, we propose a framework comprising a suite of polynomial algorithms for estimating the k-zero-day safety of possibly large networks efficiently, without pre-computing the entire attack graph. We validate our approach experimentally, and show that the proposed solution is computationally efficient and accurate.
Computer systems are vulnerable to both known and zero-day attacks. Although known attack patterns can be easily modeled, thus enabling the definition of suitable hardening strategies, handling zero-day vulnerabilities is inherently difficult due to their unpredictable nature. Previous research has...
See full abstract
Computer systems are vulnerable to both known and zero-day attacks. Although known attack patterns can be easily modeled, thus enabling the definition of suitable hardening strategies, handling zero-day vulnerabilities is inherently difficult due to their unpredictable nature. Previous research has attempted to assess the risk associated with unknown attack patterns, and a metric to quantify such risk, the k-zero-day safety metric, has been defined. However, existing algorithms for computing this metric are not scalable, and assume that complete zero-day attack graphs have been generated, which may be unfeasible in practice for large networks. In this paper, we propose a framework comprising a suite of polynomial algorithms for estimating the k-zero-day safety of possibly large networks efficiently, without pre-computing the entire attack graph. We validate our approach experimentally, and show that the proposed solution is computationally efficient and accurate.
Hide full abstract
Keywords
attack graphs; vulnerability analysis; zero-day attacks
Control Families
None selected