A Mobile Ambients-based Approach for Network Attack Modelling and Simulation

V. Nunes Leal Franqueira; Pascal van Eck; Roelf J. Wieringa; Raul H.C. Lopes

doi:10.1109/ARES.2009.125

A Mobile Ambients-based Approach for Network Attack Modelling and Simulation

V. Nunes Leal Franqueira, Pascal van Eck, Roelf J. Wieringa, Raul H.C. Lopes

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

2 Citations (Scopus)

75 Downloads (Pure)

Abstract

Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets.

Original language	Undefined
Title of host publication	Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security)
Place of Publication	Los Alamitos
Publisher	IEEE Computer Society Press
Pages	546-553
Number of pages	8
ISBN (Print)	978-0-7695-3564-7
DOIs	https://doi.org/10.1109/ARES.2009.125
Publication status	Published - Mar 2009
Event	4th International Conference on Availability, Reliability and Security, ARES 2009: The International Dependability Conference - Fukuoka Institute of Technology (FIT), Fukuoka, Japan Duration: 16 Mar 2009 → 19 Mar 2009 Conference number: 4

Publication series

Name
Publisher	IEEE Computer Society Press

Workshop

Workshop	4th International Conference on Availability, Reliability and Security, ARES 2009
Abbreviated title	ARES
Country	Japan
City	Fukuoka
Period	16/03/09 → 19/03/09

Keywords

SCS-Services
IR-65226
METIS-263704
EWI-14627

Access to Document

10.1109/ARES.2009.125

modelling_vfranqueira_ARES09
open
modelling_vfranqueira_ARES09
open

Cite this

Nunes Leal Franqueira, V., van Eck, P., Wieringa, R. J., & Lopes, R. H. C. (2009). A Mobile Ambients-based Approach for Network Attack Modelling and Simulation. In Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security) (pp. 546-553). IEEE Computer Society Press. https://doi.org/10.1109/ARES.2009.125

Nunes Leal Franqueira, V. ; van Eck, Pascal ; Wieringa, Roelf J. ; Lopes, Raul H.C. / A Mobile Ambients-based Approach for Network Attack Modelling and Simulation. Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security). Los Alamitos : IEEE Computer Society Press, 2009. pp. 546-553

@inproceedings{851d56ad206f4038a15d70bbb5a726cf,

title = "A Mobile Ambients-based Approach for Network Attack Modelling and Simulation",

abstract = "Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets.",

keywords = "SCS-Services, IR-65226, METIS-263704, EWI-14627",

author = "{Nunes Leal Franqueira}, V. and {van Eck}, Pascal and Wieringa, {Roelf J.} and Lopes, {Raul H.C.}",

note = "10.1109/ARES.2009.125 ; null ; Conference date: 16-03-2009 Through 19-03-2009",

year = "2009",

month = mar,

doi = "10.1109/ARES.2009.125",

language = "Undefined",

isbn = "978-0-7695-3564-7",

publisher = "IEEE Computer Society Press",

pages = "546--553",

booktitle = "Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security)",

}

Nunes Leal Franqueira, V, van Eck, P, Wieringa, RJ & Lopes, RHC 2009, A Mobile Ambients-based Approach for Network Attack Modelling and Simulation. in Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security). IEEE Computer Society Press, Los Alamitos, pp. 546-553, 4th International Conference on Availability, Reliability and Security, ARES 2009, Fukuoka, Japan, 16/03/09. https://doi.org/10.1109/ARES.2009.125

A Mobile Ambients-based Approach for Network Attack Modelling and Simulation. / Nunes Leal Franqueira, V.; van Eck, Pascal; Wieringa, Roelf J.; Lopes, Raul H.C.

Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security). Los Alamitos : IEEE Computer Society Press, 2009. p. 546-553.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - A Mobile Ambients-based Approach for Network Attack Modelling and Simulation

AU - Nunes Leal Franqueira, V.

AU - van Eck, Pascal

AU - Wieringa, Roelf J.

AU - Lopes, Raul H.C.

N1 - Conference code: 4

PY - 2009/3

Y1 - 2009/3

N2 - Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets.

AB - Attack Graphs are an important support for assessment and subsequent improvement of network security. They reveal possible paths an attacker can take to break through security perimeters and traverse a network to reach valuable assets deep inside the network. Although scalability is no longer the main issue, Attack Graphs still have some problems that make them less useful in practice. First, Attack Graphs remain difficult to relate to the network topology. Second, Attack Graphs traditionally only consider the exploitation of vulnerable hosts. Third, Attack Graphs do not rely on automatic identification of potential attack targets. We address these gaps in our MsAMS (Multi-step Attack Modelling and Simulation) tool, based on Mobile Ambients. The tool not only allows the modelling of more static aspects of the network, such as the network topology, but also the dynamics of network attacks. In addition to Mobile Ambients, we use the PageRank algorithm to determine targets and hub scores produced by the HITS (Hypertext Induced Topic Search) algorithm to guide the simulation of an attacker searching for targets.

KW - SCS-Services

KW - IR-65226

KW - METIS-263704

KW - EWI-14627

U2 - 10.1109/ARES.2009.125

DO - 10.1109/ARES.2009.125

M3 - Conference contribution

SN - 978-0-7695-3564-7

SP - 546

EP - 553

BT - Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security)

PB - IEEE Computer Society Press

CY - Los Alamitos

Y2 - 16 March 2009 through 19 March 2009

ER -

Nunes Leal Franqueira V, van Eck P, Wieringa RJ, Lopes RHC. A Mobile Ambients-based Approach for Network Attack Modelling and Simulation. In Proceedings of the Fourth International Workshop on Dependability Aspects on Data Warehousing and Mining applications, DAWAM 2009 (in conjunction with ARES 2009, The Fourth International Conference on Availability, Reliability and Security). Los Alamitos: IEEE Computer Society Press. 2009. p. 546-553 https://doi.org/10.1109/ARES.2009.125