Home > Publications
Home University of Twente
Prospective Students
Intranet (internal)

EEMCS EPrints Service

12950 Multi-step Attack Modelling and Simulation (MsAMS) Framework based on Mobile Ambients
Home Policy Brochure Browse Search User Area Contact Help

Nunes Leal Franqueira, V. and Lopes, R.H.C. and van Eck, P.A.T. (2008) Multi-step Attack Modelling and Simulation (MsAMS) Framework based on Mobile Ambients. Technical Report TR-CTIT-08-44, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

Full text available as:


252 Kb
Open Access

Exported to Metis


Attackers take advantage of any security breach to penetrate an
organisation perimeter and exploit hosts as stepping stones to
reach valuable assets, deeper in the network. The exploitation of
hosts is possible not only when vulnerabilities in commercial off-the-shelf
(COTS) software components are present, but also e.g. when an attacker
acquires a key (e.g. a password) on one host which allows him to
exploit further hosts on the network. Finding attacks involving the
latter case requires the ability to represent dynamic models.

In this paper we present MsAMS (Multi-step Attack Modelling and
Simulation), an implemented framework, based on Mobile
Ambients, to discover attacks in networks. The idea of ambients fits
naturally into this domain and has the advantage of providing
flexibility for modelling. Additionally, the concept of mobility
allows the simulation of attackers exploiting opportunities derived
either from the exploitation of vulnerable as well as from the
exploitation of non-vulnerable hosts, through the acquisition of keys.

Item Type:Internal Report (Technical Report)
Research Group:EWI-IS: Information Systems
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:IPID: Integrated Policy-based Intrusion Detection
ID Code:12950
Deposited On:26 June 2008
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item