Discovering and Mitigating New Attack Paths Using Graphical Security Models

Jin Bum Hong, Dong Seong Kim

Research output: Chapter in Book/Conference paperConference paper

3 Citations (Scopus)

Abstract

To provide a comprehensive security analysis of modern networked systems, we need to take into account the combined effects of existing vulnerabilities and zero-day vulnerabilities. In addition to them, it is important to incorporate new vulnerabilities emerging from threats such as BYOD, USB file sharing. Consequently, there may be new dependencies between system components that could also create new attack paths, but previous work did not take into account those new attack paths in their security analysis (i.e., not all attack paths are taken into account). Thus, countermeasures may not be effective, especially against attacks exploiting the new attack paths. In this paper, we propose a Unified Vulnerability Risk Analysis Module (UV-RAM) to address the aforementioned problems by taking into account the combined effects of those vulnerabilities and capturing the new attack paths. The three main functionalities of UV-RAM are: (i) to discover new dependencies and new attack paths, (ii) to incorporate new vulnerabilities introduced and zero-day vulnerabilities into security analysis, and (iii) to formulate mitigation strategies for hardening the networked system. Our experimental results demonstrate and validate the effectiveness of UV-RAM.

Original languageEnglish
Title of host publicationProceedings: 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2017
Place of PublicationUSA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages45-52
Number of pages8
ISBN (Electronic)9781538622728
DOIs
Publication statusPublished - 30 Aug 2017
Externally publishedYes
Event47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2017 - Denver, United States
Duration: 26 Jun 201729 Jun 2017

Conference

Conference47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops, DSN-W 2017
CountryUnited States
CityDenver
Period26/06/1729/06/17

Fingerprint

Dive into the research topics of 'Discovering and Mitigating New Attack Paths Using Graphical Security Models'. Together they form a unique fingerprint.

Cite this