Title

NetSecuritas: An Integrated Attack Graph-Based Security Assessment Tool for Enterprise Networks

Abstract

Sophisticated cyber-attacks have become prominent with the growth of the Internet and web technology. Such attacks are multi-stage ones, and correlate vulnerabilities on intermediate hosts to compromise an otherwise well-protected critical resource. Conventional security assessment approaches can leave out some complex scenarios generated by these attacks. In the literature, these correlated attacks have been modeled using attack graphs. Although a few attack graph-based network security assessment tools are available, they are either commercial products or developed using proprietary databases. In this paper, we develop a customized tool, NetSecuritas, which implements a novel heuristic-based attack graph generation algorithm and integrates different phases of network security assessment. NetSecuritas leverages open-source libraries, tools and publicly available databases. A cost-driven mitigation strategy has also been proposed to generate network security recommendations. Experimental results establish the efficacy of both attack graph generation and mitigation approach.

Meeting Name

2015 International Conference on Distributed Computing and Networking, ICDCN '15 (2015: Jan. 4-7, Goa, India)

Department(s)

Computer Science

Comments

The work is partially supported by a research grant from the Department of Electronics and Information Technology (DeitY), Ministry of Communication and Information Technology, Government of India under Grant No. 12(14)/09-ESD, dated 11-Jan-2010. The works of S. K. Das is partially supported by the US National Science Foundation under Award Numbers CNS-1404677 and DGE-1433659.

Keywords and Phrases

Complex networks; Computer crime; Distributed computer systems; Graphic methods; Attack graph; Attack graph generation algorithms; Commercial products; Mitigation strategy; Open-source libraries; Penetration testing; Security assessment; Vulnerability assessments; Network security

International Standard Book Number (ISBN)

978-1-4503-2928-6

Document Type

Article - Conference proceedings

Document Version

Citation

File Type

text

Language(s)

English

Rights

© 2015 Association for Computing Machinery (ACM), All rights reserved.

Share

 
COinS