Published in: The Journal of Supercomputing 6/2019

10.05.2018

A semantic approach to improving machine readability of a large-scale attack graph

Authors: Jooyoung Lee, Daesung Moon, Ikkyun Kim, Youngseok Lee


Abstract

Automation in cyber security can be achieved by using attack graphs. Attack graphs model the possible paths that a potential attacker can use to intrude into a target network. Graph representation is often used to increase the visibility of this information, but it loses its effectiveness when a large-scale attack graph is produced. Such voluminous attack graphs are nevertheless inevitable once a variety of data from an increasing number of network hosts is modeled. We therefore need more intelligent ways of inferring, from the attack graph, the knowledge required to harden network security, beyond extracting information such as possible attack paths. Ontology technology enables a machine to understand information and makes it easier to infer knowledge from relational facts in big data. Constructing an ontology for the domain of attack graph generation is a prerequisite for increasing machine intelligence and implementing an automated process. In this paper, we propose a semantic approach that makes a large-scale attack graph machine readable. The approach provides several benefits. First, users can obtain relational facts by reasoning over a large-scale attack graph, and the semantics of the attack graph give users intuition about it. In addition, intelligence-based security assessment becomes possible using the obtained ontological structures. By improving the machine readability of an attack graph, our approach could lead to automated assessment of network security.
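The abstract's central claim is that an attack graph expressed as relational facts can be reasoned over by a machine instead of only being drawn for a human. The block below is an added example, not code from the paper or its authors, showing the smallest version of that idea: a constructed network is stored as (subject, predicate, object) triples under a made-up `ag:` vocabulary, a naive forward-chaining reasoner applies one ontology rule (subclass entailment) and two attack-graph rules (reachability and remote exploitation) to a fixpoint, provenance is kept for every inferred triple so that an attack path can be explained, and a hardening question is answered by re-running inference with one vulnerability removed. All host names, vulnerability identifiers, predicates and rules are assumptions for illustration; the paper's own ontology and reasoning machinery are not reproduced here.

```python
# Added example, not code from the paper or its authors: a small attack graph
# stored as RDF-style (subject, predicate, object) triples, plus a naive
# forward-chaining reasoner. The "ag:" vocabulary, host names and
# vulnerability identifiers are all constructed for illustration.

TYPE, SUBCLASS = "rdf:type", "rdfs:subClassOf"
CONNECTS, HAS_VULN = "ag:connectsTo", "ag:hasVulnerability"
CAN_REACH, CONTROLS = "ag:canReach", "ag:controls"
REMOTE, VULN = "ag:RemoteVulnerability", "ag:Vulnerability"

# Constructed sample network: internet -> web01 -> app01 -> db01, plus a
# direct web01 -> db01 link (a firewall misconfiguration for the example).
FACTS = {
    ("attacker", CONTROLS, "internet"),
    ("internet", CONNECTS, "web01"),
    ("web01", CONNECTS, "app01"),
    ("app01", CONNECTS, "db01"),
    ("web01", CONNECTS, "db01"),
    ("web01", HAS_VULN, "vuln-web-rce"),
    ("app01", HAS_VULN, "vuln-app-deser"),
    ("db01", HAS_VULN, "vuln-db-auth-bypass"),
    ("vuln-web-rce", TYPE, REMOTE),
    ("vuln-app-deser", TYPE, REMOTE),
    ("vuln-db-auth-bypass", TYPE, REMOTE),
    (REMOTE, SUBCLASS, VULN),
}

def by_pred(kb, pred):
    """All (subject, object) pairs in the store for one predicate."""
    return [(s, o) for s, p, o in kb if p == pred]

def infer(facts):
    """Forward-chain three rules to a fixpoint. Returns (closure, why), where
    why maps every derived triple to the premises that first produced it."""
    kb, why = set(facts), {}
    while True:
        derived = []
        types = by_pred(kb, TYPE)
        # R1 (ontology): type(x, C) & subClassOf(C, D) -> type(x, D)
        for c, d in by_pred(kb, SUBCLASS):
            for x, cls in types:
                if cls == c:
                    derived.append(((x, TYPE, d), [(x, TYPE, c), (c, SUBCLASS, d)]))
        # R2 (network): controls(a, x) & connectsTo(x, y) -> canReach(a, y)
        for a, x in by_pred(kb, CONTROLS):
            for src, dst in by_pred(kb, CONNECTS):
                if src == x:
                    derived.append(((a, CAN_REACH, dst),
                                    [(a, CONTROLS, x), (x, CONNECTS, dst)]))
        # R3 (exploit): canReach(a, y) & hasVulnerability(y, v)
        #               & type(v, RemoteVulnerability) -> controls(a, y)
        remote = {v for v, cls in types if cls == REMOTE}
        for a, y in by_pred(kb, CAN_REACH):
            for host, v in by_pred(kb, HAS_VULN):
                if host == y and v in remote:
                    derived.append(((a, CONTROLS, y),
                                    [(a, CAN_REACH, y), (y, HAS_VULN, v), (v, TYPE, REMOTE)]))
        fresh = sorted(d for d in derived if d[0] not in kb)
        if not fresh:
            return kb, why
        for triple, premises in fresh:
            if triple not in kb:          # keep the first derivation as the explanation
                kb.add(triple)
                why[triple] = premises

def controlled_hosts(kb, attacker):
    """Hosts the attacker controls after reasoning (the compromise set)."""
    return {h for a, h in by_pred(kb, CONTROLS) if a == attacker}

def attack_path(kb, why, attacker, target):
    """Walk provenance back from controls(attacker, target) to the asserted
    facts and return the ordered (host, vulnerability) steps, or None."""
    triple = (attacker, CONTROLS, target)
    if triple not in kb:
        return None
    steps = []
    while triple in why:                  # asserted base facts have no entry
        premises = why[triple]
        if triple[1] == CONTROLS:         # premises[1] is the hasVulnerability fact
            steps.append((premises[1][0], premises[1][2]))
        triple = premises[0]              # the canReach / controls premise
    return list(reversed(steps))

def single_fixes(facts, attacker, target):
    """Vulnerabilities whose removal alone denies the attacker the target:
    a what-if query answered by re-running inference on a patched store."""
    fixes = set()
    for v in {o for s, p, o in facts if p == HAS_VULN}:
        patched = {t for t in facts if not (t[1] == HAS_VULN and t[2] == v)}
        if (attacker, CONTROLS, target) not in infer(patched)[0]:
            fixes.add(v)
    return fixes
```

Calling `infer(FACTS)` and then `attack_path(kb, why, "attacker", "db01")` yields the two-step path through web01's remote code execution and db01's authentication bypass; `single_fixes(FACTS, "attacker", "db01")` reports that patching either of those two vulnerabilities alone cuts the attacker off from db01, whereas patching app01 alone does not because of the direct web01 to db01 link. The subclass rule is what makes the store "ontological" rather than a plain graph: a query for everything of type `ag:Vulnerability` finds the remote vulnerabilities without them being asserted as such, and the same mechanism would let an exploit rule written against a general class apply to every subclass added later.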


Metadata
Title
A semantic approach to improving machine readability of a large-scale attack graph
Authors
Jooyoung Lee
Daesung Moon
Ikkyun Kim
Youngseok Lee
Publication date
10.05.2018
Publisher
Springer US
Published in
The Journal of Supercomputing / Issue 6/2019
Print ISSN: 0920-8542
Electronic ISSN: 1573-0484
DOI
https://doi.org/10.1007/s11227-018-2394-6
