Capability-Centric Attack Model for Network Security Analysis
Most network attack models have the problem of lacking ablility to describe all types of attack patterns in deltail, with no consideration of attackers skill and policy. To address the problem, this paper proposes a well-structured model that abstracts the relation between attacker capability and victim vulnerability, the relation between knowledge, resource and capability of attacker. Both these two relations can be used to support automatic correlating of vulnerability exploits to build all the attack paths from the attacker to the target. The basic block of the model is a logical formula called capability, which is used to abstract consistently and precisely all levels of accesses obtained by the attacker in each step of a multistage attack A flexible extensible language based on Pyke is developed to specify the model and derive inference rules to define logical relations between different capabilities, and a demonstration is given to show how it can be used in security applications such as vulnerability analysis and attack generation.
attack model capability security analysis
Shunhong Song Yuliang Lu Weiwei Cheng Huan Yuan
Department of Network Engineering Electronic Engineering Institute Hefei, 230037, China Department of Computer Research JiangNan Institute of Computing Technology Wuxi 214083 China
国际会议
2010 2nd International Conference on Signal Processing System(2010年信号处理系统国际会议 ICSPS 2010)
大连
英文
1212-1216
2010-07-05(万方平台首次上网日期,不代表论文的发表时间)