Multi-step attack modelling and simulation (MsAMS) framework based on mobile ambients

Franqueira, Virginia N. L.; Lopes, Raul; Eck, Pascal van

doi:10.1145/1529282.1529294

Cited by 16 publications

(6 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In our tests it converged in less than 60 cycles for a test with 8000 nodes. In a previous implementation [28] we used a full matrix multiplication and fixed k, obtaining running times of O(n 3 ) when using more than 8000 nodes. Currently, we have an implementation in Haskell using a sparse matrix multiplication and a matrix akin to the Google matrix [27].…”

Section: Resultsmentioning

confidence: 99%

“…In this paper, we extend [23] in many ways. We review the modelling of the running example, introduce a new example, and provide more details on how we achieve requirements R 1 , R 2 and R 3 , such as, how we capture network locality and connectivity (Section VI), how virtual links are processed (Section VIII), and how we use ranking algorithms (Section IX).…”

Section: A Contributionmentioning

confidence: 99%

See 1 more Smart Citation

A Mobile Ambients-Based Approach for Network Attack Modelling and Simulation

Franqueira

Eck

Wieringa

et al. 2009

2009 International Conference on Availability, Reliability and Security

Self Cite

View full text Add to dashboard Cite

Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: A Contributionmentioning

confidence: 99%

A Mobile Ambients-Based Approach for Network Attack Modelling and Simulation

Franqueira

Eck

Wieringa

et al. 2009

2009 International Conference on Availability, Reliability and Security

Self Cite

View full text Add to dashboard Cite

show abstract

“…A framework for the modeling and simulation of network attacks was subsequently developed in [10]. This contribution is unique in that it views the network as an ''ambient'' that contains other ''ambients'' and simulates an attacker who finds an attack path not through preconditions and postconditions, but by using an ''access-to-effect'' paradigm.…”

Section: Related Workmentioning

confidence: 99%

Integrating attacker behavior in IT security analysis: a discrete-event simulation approach

et al. 2015

View full text Add to dashboard Cite

When designing secure information systems, a profound understanding of the threats that they are exposed to is indispensable. Today's most severe risks come from malicious threat agents exploiting a variety of attack vectors to achieve their goals, rather than from random opportunistic threats such as malware. Most security analyses, however, focus on fixing technical weaknesses, but do not account for sophisticated combinations of attack mechanisms and heterogeneity in adversaries' motivations, resources, capabilities, or points of access. In order to address these shortcomings and, thus, to provide security analysts with a tool that makes it possible to also identify emergent weaknesses that may arise from dynamic interactions of attacks, we have combined rich conceptual modeling of security knowledge with attack graph generation and discrete-event simulation techniques. This paper describes the prototypical implementation of the resulting security analysis tool and demonstrates how it can be used for an experimental evaluation of a system's resilience against various adversaries.

show abstract

“…Currently the lack of security is not visible, but once others take notice, consumers will make sure that it is in order. It can also be argued that consumers will spend certainly less time than enterprises: they do not own large IT infrastructures comprising hundreds of servers, where the likelihood must be estimated that attackers will move from node to node in a long multistep attack [4]. For consumers, a cloud computing service can simply be considered as a black box.…”

Section: Consumers Do Not Want To Spend Time On Securitymentioning

confidence: 99%

“…In fact, users will be able to use more products and more securely, not being held back by worries about their security. 4 http://www.isaca.org/cobit/…”

Section: A Consumer Security Process Will Stifle Innovationmentioning

confidence: 99%

A risk management process for consumers

Cleeff

2010

Proceedings of the 2010 New Security Paradigms Workshop

View full text Add to dashboard Cite

Simply by using information technology, consumers expose themselves to considerable security risks. Because no technical or legal solutions are readily available, the only remedy is to develop a risk management process for consumers, similar to the process executed by enterprises. Consumers need to consider the risks in a structured way, and take action, not once, but iteratively. Such a process is feasible: enterprises already execute such processes, and time-saving tools can support the consumer in her own process. In fact, given our society's emphasis on individual responsibilities, skills and devices, a risk management process for consumers is the logical next step in improving information security.

show abstract

Multi-step attack modelling and simulation (MsAMS) framework based on mobile ambients

Cited by 16 publications

References 30 publications

A Mobile Ambients-Based Approach for Network Attack Modelling and Simulation

A Mobile Ambients-Based Approach for Network Attack Modelling and Simulation

Integrating attacker behavior in IT security analysis: a discrete-event simulation approach

A risk management process for consumers

Contact Info

Product

Resources

About