A Mobile Ambients-based Approach for Network Attack Modelling and Simulation

V. Nunes Leal Franqueira, Pascal van Eck, Roelf J. Wieringa, Raul H.C. Lopes

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    2 Citations (Scopus)
    75 Downloads (Pure)

    Abstract

    Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets.
    Original languageUndefined
    Title of host publicationProceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security)
    Place of PublicationLos Alamitos
    PublisherIEEE Computer Society Press
    Pages546-553
    Number of pages8
    ISBN (Print)978-0-7695-3564-7
    DOIs
    Publication statusPublished - Mar 2009
    Event4th International Conference on Availability, Reliability and Security, ARES 2009: The International Dependability Conference - Fukuoka Institute of Technology (FIT), Fukuoka, Japan
    Duration: 16 Mar 200919 Mar 2009
    Conference number: 4

    Publication series

    Name
    PublisherIEEE Computer Society Press

    Workshop

    Workshop4th International Conference on Availability, Reliability and Security, ARES 2009
    Abbreviated titleARES
    CountryJapan
    CityFukuoka
    Period16/03/0919/03/09

    Keywords

    • SCS-Services
    • IR-65226
    • METIS-263704
    • EWI-14627

    Cite this