Towards automated generation and visualization of hierarchical attack representation models

Fangcheng Jia, Jin B. Hong, Dong Seong Kim

Research output: Chapter in Book/Conference paperConference paper

3 Citations (Scopus)

Abstract

Attack Graphs (AGs) are a well-known formalism and there are tools available for AG generation and security risk analysis. The security posture of a networked system can be evaluated via an AG. However, as the size of the system becomes large, the AG suffers from the state-space explosion problem. Scalable security models have been developed to cope with this issue. Hierarchical Attack Representation Models (HARMs) is one of the scalable security models, the core idea of HARM is to separate the system representation into two layers; an upper layer (reachability) and a lower layer (vulnerability). In this paper, we propose a novel security modeling and analysis framework named Safelite that (i) automatically converts an AG into a HARM and (ii) visualizes the HARMs with relevant security information, respectively. We present the design and implementation of Safelite using example networks.

Original languageEnglish
Title of host publicationProceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015
Place of PublicationUnited States
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages1689-1696
Number of pages8
Volume2015
ISBN (Electronic)9781509001545
DOIs
Publication statusPublished - 22 Dec 2015
Externally publishedYes
Event15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 - Liverpool, United Kingdom
Duration: 26 Oct 201528 Oct 2015

Conference

Conference15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015
CountryUnited Kingdom
CityLiverpool
Period26/10/1528/10/15

Fingerprint

Visualization
Risk analysis
Explosions

Cite this

Jia, F., Hong, J. B., & Kim, D. S. (2015). Towards automated generation and visualization of hierarchical attack representation models. In Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 (Vol. 2015, pp. 1689-1696). [7363301] United States: IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.255
Jia, Fangcheng ; Hong, Jin B. ; Kim, Dong Seong. / Towards automated generation and visualization of hierarchical attack representation models. Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. Vol. 2015 United States : IEEE, Institute of Electrical and Electronics Engineers, 2015. pp. 1689-1696
@inproceedings{4ff2f322adc94174b2e34dd6621c558c,
title = "Towards automated generation and visualization of hierarchical attack representation models",
abstract = "Attack Graphs (AGs) are a well-known formalism and there are tools available for AG generation and security risk analysis. The security posture of a networked system can be evaluated via an AG. However, as the size of the system becomes large, the AG suffers from the state-space explosion problem. Scalable security models have been developed to cope with this issue. Hierarchical Attack Representation Models (HARMs) is one of the scalable security models, the core idea of HARM is to separate the system representation into two layers; an upper layer (reachability) and a lower layer (vulnerability). In this paper, we propose a novel security modeling and analysis framework named Safelite that (i) automatically converts an AG into a HARM and (ii) visualizes the HARMs with relevant security information, respectively. We present the design and implementation of Safelite using example networks.",
keywords = "Attack graphs, Hierarchical attack representation models, Security analysis, Visualization",
author = "Fangcheng Jia and Hong, {Jin B.} and Kim, {Dong Seong}",
year = "2015",
month = "12",
day = "22",
doi = "10.1109/CIT/IUCC/DASC/PICOM.2015.255",
language = "English",
volume = "2015",
pages = "1689--1696",
booktitle = "Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States",

}

Jia, F, Hong, JB & Kim, DS 2015, Towards automated generation and visualization of hierarchical attack representation models. in Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. vol. 2015, 7363301, IEEE, Institute of Electrical and Electronics Engineers, United States, pp. 1689-1696, 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015, Liverpool, United Kingdom, 26/10/15. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.255

Towards automated generation and visualization of hierarchical attack representation models. / Jia, Fangcheng; Hong, Jin B.; Kim, Dong Seong.

Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. Vol. 2015 United States : IEEE, Institute of Electrical and Electronics Engineers, 2015. p. 1689-1696 7363301.

Research output: Chapter in Book/Conference paperConference paper

TY - GEN

T1 - Towards automated generation and visualization of hierarchical attack representation models

AU - Jia, Fangcheng

AU - Hong, Jin B.

AU - Kim, Dong Seong

PY - 2015/12/22

Y1 - 2015/12/22

N2 - Attack Graphs (AGs) are a well-known formalism and there are tools available for AG generation and security risk analysis. The security posture of a networked system can be evaluated via an AG. However, as the size of the system becomes large, the AG suffers from the state-space explosion problem. Scalable security models have been developed to cope with this issue. Hierarchical Attack Representation Models (HARMs) is one of the scalable security models, the core idea of HARM is to separate the system representation into two layers; an upper layer (reachability) and a lower layer (vulnerability). In this paper, we propose a novel security modeling and analysis framework named Safelite that (i) automatically converts an AG into a HARM and (ii) visualizes the HARMs with relevant security information, respectively. We present the design and implementation of Safelite using example networks.

AB - Attack Graphs (AGs) are a well-known formalism and there are tools available for AG generation and security risk analysis. The security posture of a networked system can be evaluated via an AG. However, as the size of the system becomes large, the AG suffers from the state-space explosion problem. Scalable security models have been developed to cope with this issue. Hierarchical Attack Representation Models (HARMs) is one of the scalable security models, the core idea of HARM is to separate the system representation into two layers; an upper layer (reachability) and a lower layer (vulnerability). In this paper, we propose a novel security modeling and analysis framework named Safelite that (i) automatically converts an AG into a HARM and (ii) visualizes the HARMs with relevant security information, respectively. We present the design and implementation of Safelite using example networks.

KW - Attack graphs

KW - Hierarchical attack representation models

KW - Security analysis

KW - Visualization

UR - http://www.scopus.com/inward/record.url?scp=84964294508&partnerID=8YFLogxK

U2 - 10.1109/CIT/IUCC/DASC/PICOM.2015.255

DO - 10.1109/CIT/IUCC/DASC/PICOM.2015.255

M3 - Conference paper

VL - 2015

SP - 1689

EP - 1696

BT - Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - United States

ER -

Jia F, Hong JB, Kim DS. Towards automated generation and visualization of hierarchical attack representation models. In Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. Vol. 2015. United States: IEEE, Institute of Electrical and Electronics Engineers. 2015. p. 1689-1696. 7363301 https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.255