Skip to main content
placeholder image

An Adversary aware and intrusion detection aware attack model ranking scheme

Journal Article


Abstract


  • A successful computer system intrusion is often resulted from

    an attacker combining exploits of individual vulnerability. This can be

    modelled by attack models and attack graphs to provide a global view

    on system security against attackers goal. However, as the size and complexity

    of attack models and attack graphs usually greatly exceeds human

    ability to visualize, understand and analyze, a scheme is required to identify

    important portions of attack models and attack graphs. Mehta et al.

    proposed to rank states of an attack model by the probability of an adversary

    reaching a state by a sequence of exploiting individual vulnerabilities

    in a previous scheme. Important portions can hence be identified

    by ranks of states. However, Mehta et al.s ranking scheme is based on the

    PageRank algorithm whichmodels aweb surfing scenario, but has not considered

    much on the dissimilarity between web surfing scenarios and computer

    system intrusion scenarios. In this paper, we extend Mehta et al.s

    scheme by taking into consideration dissimilarity between web surfing

    scenarios and computer system intrusion scenarios. We experiment with

    the same network model used in Mehta et al.s scheme and have the results

    compared. The experiments yielded promising results that demonstrated

    consistent ranks amongst varying parameters modelled by our

    ranking scheme.

UOW Authors


  •   Lu, Liang (external author)
  •   Safavi-Naini, Rei (external author)
  •   Horton, Jeffrey P. (external author)
  •   Susilo, Willy

Publication Date


  • 2007

Published In


  •   Journal

Citation


  • Lu, L., Safavi-Naini, R., Horton, J. P. & Susilo, W. (2007). An Adversary aware and intrusion detection aware attack model ranking scheme. J. Katz & M. Yung In International Conference on Applied Cryptography and Network Security, 5-8 June, Zhuhai, China. 4521 65-86.

Scopus Eid


  • 2-s2.0-38049055212

Ro Metadata Url


  • http://ro.uow.edu.au/infopapers/1657

Has Global Citation Frequency


Number Of Pages


  • 21

Start Page


  • 65

End Page


  • 86

Volume


  • 4521

Place Of Publication


  • Berlin

Abstract


  • A successful computer system intrusion is often resulted from

    an attacker combining exploits of individual vulnerability. This can be

    modelled by attack models and attack graphs to provide a global view

    on system security against attackers goal. However, as the size and complexity

    of attack models and attack graphs usually greatly exceeds human

    ability to visualize, understand and analyze, a scheme is required to identify

    important portions of attack models and attack graphs. Mehta et al.

    proposed to rank states of an attack model by the probability of an adversary

    reaching a state by a sequence of exploiting individual vulnerabilities

    in a previous scheme. Important portions can hence be identified

    by ranks of states. However, Mehta et al.s ranking scheme is based on the

    PageRank algorithm whichmodels aweb surfing scenario, but has not considered

    much on the dissimilarity between web surfing scenarios and computer

    system intrusion scenarios. In this paper, we extend Mehta et al.s

    scheme by taking into consideration dissimilarity between web surfing

    scenarios and computer system intrusion scenarios. We experiment with

    the same network model used in Mehta et al.s scheme and have the results

    compared. The experiments yielded promising results that demonstrated

    consistent ranks amongst varying parameters modelled by our

    ranking scheme.

UOW Authors


  •   Lu, Liang (external author)
  •   Safavi-Naini, Rei (external author)
  •   Horton, Jeffrey P. (external author)
  •   Susilo, Willy

Publication Date


  • 2007

Published In


  •   Journal

Citation


  • Lu, L., Safavi-Naini, R., Horton, J. P. & Susilo, W. (2007). An Adversary aware and intrusion detection aware attack model ranking scheme. J. Katz & M. Yung In International Conference on Applied Cryptography and Network Security, 5-8 June, Zhuhai, China. 4521 65-86.

Scopus Eid


  • 2-s2.0-38049055212

Ro Metadata Url


  • http://ro.uow.edu.au/infopapers/1657

Has Global Citation Frequency


Number Of Pages


  • 21

Start Page


  • 65

End Page


  • 86

Volume


  • 4521

Place Of Publication


  • Berlin