EEMCS

Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Search
 Organisation

EEMCS EPrints Service


14627 A Mobile Ambients-based Approach for Network Attack Modelling and Simulation
Home Policy Brochure Browse Search User Area Contact Help

Nunes Leal Franqueira, V. and van Eck, P.A.T. and Wieringa, R.J. and Lopes, R.H.C. (2009) A Mobile Ambients-based Approach for Network Attack Modelling and Simulation. In: Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security), 16-19 Mar 2009, Fukuoka, Japan. pp. 546-553. IEEE Computer Society. ISBN 978-0-7695-3564-7

Full text available as:

PDF

182 Kb
Open Access



Official URL: http://dx.doi.org/10.1109/ARES.2009.125

Exported to Metis

Abstract

Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets.

Item Type:Conference or Workshop Paper (Full Paper, Talk)
Research Group:EWI-IS: Information Systems
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:IPID: Integrated Policy-based Intrusion Detection
ID Code:14627
Status:Published
Deposited On:07 January 2010
Refereed:Yes
International:Yes
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item