Validating and Restoring Defense in Depth Using Attack Graphs
- 1 October 2006
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Defense in depth is a common strategy that uses layers of firewalls to protect supervisory control and data acquisition (SCADA) subnets and other critical resources on enterprise networks. A tool named NetSPA is presented that analyzes firewall rules and vulnerabilities to construct attack graphs. These show how inside and outside attackers can progress by successively compromising exposed vulnerable hosts with the goal of reaching critical internal targets. NetSPA generates attack graphs and automatically analyzes them to produce a small set of prioritized recommendations to restore defense in depth. Field trials on networks with up to 3,400 hosts demonstrate that firewalls often do not provide defense in depth due to misconfigurations and critical unpatched vulnerabilities on hosts. In all cases, a small number of recommendations was provided to restore defense in depth. Simulations on networks with up to 50,000 hosts demonstrate that this approach scales well to enterprise-size networks.
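The abstract describes the two steps NetSPA performs: compute which hosts an attacker can successively compromise given the firewall policy and the vulnerabilities on each host, then pick a small set of fixes that leaves no critical host reachable. The example below is an added illustration written for this page, not NetSPA's code or any artifact of the paper. The six-host network, the vulnerability ids, the firewall policy and the "no patch available" flags on the SCADA hosts are all constructed, and the greedy scoring used to rank fixes is an assumption chosen for illustration rather than the paper's algorithm.

```python
from collections import deque

# Constructed sample network (not from the paper). Each host has a subnet, a map of
# listening port -> remotely exploitable vulnerability id, and whether a patch exists.
HOSTS = {
    "attacker": {"subnet": "internet", "vulns": {}, "patchable": True},
    "web1":  {"subnet": "dmz",   "vulns": {80: "VULN-WEB-A"},   "patchable": True},
    "mail1": {"subnet": "dmz",   "vulns": {25: "VULN-MAIL-B"},  "patchable": True},
    "hist1": {"subnet": "corp",  "vulns": {1433: "VULN-DB-C"},  "patchable": True},
    "eng1":  {"subnet": "corp",  "vulns": {445: "VULN-SMB-D"},  "patchable": True},
    "plc1":  {"subnet": "scada", "vulns": {502: "VULN-PLC-E"},  "patchable": False},  # legacy firmware
    "hmi1":  {"subnet": "scada", "vulns": {3389: "VULN-RDP-F"}, "patchable": False},  # vendor-frozen image
}
CRITICAL = {"plc1", "hmi1"}

# Constructed firewall policy as permitted (src_subnet, dst_subnet, dst_port) triples;
# anything not listed is denied, and traffic inside one subnet is not filtered.
FIREWALL_ALLOW = {
    ("internet", "dmz", 80),
    ("internet", "dmz", 25),
    ("dmz", "corp", 1433),        # web tier writes to the historian database
    ("corp", "scada", 502),       # operator workstations poll the PLC
    ("corp", "scada", 3389),      # operator RDP to the HMI
    ("internet", "scada", 3389),  # vendor remote access left open to any source (misconfiguration)
}


def permitted(src_subnet, dst_subnet, port, allow):
    """Firewall check: same subnet is unfiltered, otherwise the triple must be explicitly allowed."""
    return src_subnet == dst_subnet or (src_subnet, dst_subnet, port) in allow


def build_attack_graph(hosts, allow, patched=frozenset(), start="attacker"):
    """Breadth-first search from the attacker's host. An edge (a, b, port, vuln) exists when
    an attacker on compromised host a can reach b:port through the firewall and b has an
    unpatched vulnerability on that port; reaching a host compromises it."""
    compromised = {start}
    queue = deque([start])
    edges = []
    while queue:
        a = queue.popleft()
        for b, info in hosts.items():
            if b == a:
                continue
            for port, vuln in info["vulns"].items():
                if vuln in patched:
                    continue
                if permitted(hosts[a]["subnet"], info["subnet"], port, allow):
                    edges.append((a, b, port, vuln))
                    if b not in compromised:
                        compromised.add(b)
                        queue.append(b)
    return compromised, edges


def exposed_critical(hosts, allow, critical, patched=frozenset(), start="attacker"):
    """Critical hosts the attacker can reach; an empty set means defense in depth holds."""
    compromised, _ = build_attack_graph(hosts, allow, patched, start)
    return compromised & critical


def recommend(hosts, allow, critical, start="attacker"):
    """Greedy prioritisation (an assumed simplification, not NetSPA's method): each round,
    score every single fix (patch one vulnerability that has a patch, or remove one firewall
    rule) by the attack graph it leaves behind, apply the best one, and stop when no
    critical host is reachable."""
    allow = set(allow)
    patched = set()
    recommendations = []
    while exposed_critical(hosts, allow, critical, frozenset(patched), start):
        _, edges = build_attack_graph(hosts, allow, frozenset(patched), start)
        # only vulnerabilities the attacker actually uses, and only where a patch exists
        fixable = {vuln for _, b, _, vuln in edges if hosts[b]["patchable"]}
        candidates = [("patch", v, allow, patched | {v}) for v in fixable]
        candidates += [("block", r, allow - {r}, patched) for r in allow]

        def score(c):
            kind, fix, a, p = c
            reached, _ = build_attack_graph(hosts, a, frozenset(p), start)
            # fewest critical hosts reached, then fewest hosts compromised at all,
            # then prefer patching over changing firewall policy, then a stable name order
            return (len(reached & critical), len(reached), kind != "patch", str(fix))

        kind, fix, allow, patched = min(candidates, key=score)
        recommendations.append((kind, fix))
    return recommendations


if __name__ == "__main__":
    print("critical hosts reachable before fixes:", sorted(exposed_critical(HOSTS, FIREWALL_ALLOW, CRITICAL)))
    for kind, fix in recommend(HOSTS, FIREWALL_ALLOW, CRITICAL):
        print(f"  recommend: {kind} {fix}")
```

On the constructed network every host is compromised at first, and the greedy pass returns two recommendations: patch the historian database vulnerability that bridges the DMZ into the corporate subnet, then remove the firewall rule that exposes the HMI directly to the Internet. Note that the two SCADA hosts are never recommended for patching because no patch exists for them, which is exactly why the layered firewall policy has to carry the defense.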