Xinming Ou scite author profile

Attack graphs are important tools for analyzing security vulnerabilities in enterprise networks. Previous work on attack graphs has not provided an account of the scalability of the graph generating process, and there is often a lack of logical formalism in the representation of attack graphs, which results in the attack graph being difficult to use and understand by human beings. Pioneer work by Sheyner, et al. is the first attack-graph tool based on formal logical techniques, namely model-checking. However, when applied to moderate-sized networks, Sheyner's tool encountered a significant exponential explosion problem. This paper describes a new approach to represent and generate attack graphs. We propose logical attack graphs, which directly illustrate logical dependencies among attack goals and configuration information. A logical attack graph always has size polynomial to the network being analyzed. Our attack graph generation tool builds upon MulVAL, a network security analyzer based on logical programming. We demonstrate how to produce a derivation trace in the Mul-VAL logic-programming engine, and how to use the trace to generate a logical attack graph in quadratic time. We show experimental evidence that our logical attack graph generation algorithm is very efficient. We have generated logical attack graphs for fully connected networks of 1000 machines using a Pentium 4 CPU with 1GB of RAM.

show abstract

Deep Ground Truth Analysis of Current Android Malware

Wei

Roy

et al. 2017

314

204

View full text Add to dashboard Cite

Towards a Theory of Moving Target Defense

2014

View full text Add to dashboard Cite

The static nature of cyber systems gives attackers the advantage of time. Fortunately, a new approach, called the Moving Target Defense (MTD) has emerged as a potential solution to this problem. While promising, there is currently little research to show that MTD systems can work effectively in real systems. In fact, there is no standard definition of what an MTD is, what is meant by attack surface, or metrics to define the effectiveness of such systems. In this paper, we propose an initial theory that will begin to answer some of those questions. The paper defines the key concepts required to formally talk about MTD systems and their basic properties. It also discusses three essential problems of MTD systems, which include the MTD Problem (or how to select the next system configuration), the Adaptation Selection Problem, and the Timing Problem. We then formalize the MTD Entropy Hypothesis, which states that the greater the entropy of the system's configuration, the more effective the MTD system.

show abstract

Cyber SA: Situational Awareness for Cyber Defense

Barford¹,

Daciér

Dietterich

et al. 2009

121

View full text Add to dashboard Cite

Theorem Proving Using Lazy Proof Explication

Flanagan

Joshi

et al. 2003

View full text Add to dashboard Cite

Abstract. Many verification problems reduce to proving the validity of formulas involving both propositional connectives and domain-specific functions and predicates. This paper presents an explicating theorem prover architecture that leverages recent advances in propositional SAT solving and the development of proof-generating domain-specific procedures. We describe the implementation of an explicating prover based on this architecture that supports propositional logic, the theory of equality with uninterpreted function symbols, linear arithmetic, and the theory of arrays. We have applied this prover to a range of processor, cache coherence, and timed automata verification problems. We present experimental results on the performance of the prover, and on the performance impact of important design decisions in our implementation.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Xinming Ou

A scalable approach to attack graph generation

Deep Ground Truth Analysis of Current Android Malware

Towards a Theory of Moving Target Defense

Cyber SA: Situational Awareness for Cyber Defense

Theorem Proving Using Lazy Proof Explication

Contact Info

Product

Resources

About