
Tao Zhang, Chong Wu, Harbin Institute of Technology, Harbin, China. Sairam Kambhala.




Presentation Transcript


  1. Tao Zhang, Chong Wu, Harbin Institute of Technology, Harbin, China. Sairam Kambhala.

  2. Contents

  3. The wider the network applications, the more complex the computer and network security problems become.
  • How secure is a computer network? How can its security state be determined?
  • Build a model of the computer network security status space by analyzing network security attributes such as hosts, user privileges, connection relations, etc.
  • Traditional vulnerability scanning is not sufficient for checking a whole system.

  4. System visitors can be classified according to their capability to access system resources.
  • Rearranging the visitors, the possible privileges can be classified according to users' roles.
  • P = {Access, Guest, User, Supuser, Root}
  • P_i, i = {1, 2, …, 5}.

  5. Current computer networks are based on the TCP/IP protocol suite.
  • According to this technology principle, the connections between network devices are distributed over different layers.
  • For convenience, the protocols that make up the TCP/IP family can be divided into groups of similar functionality.

  6. The connection relations can be expressed as a set; the connection relation between two devices is then a sub-set of this set.
  • The set of connection relations between hosts and devices is Protocol = {pro1, pro2, …, pron}; pro_i (i = 1, 2, …, n) represents one connection relation.
  • Connection relations between hosts are represented by a triad (HSRC, HDST, Protocols): HSRC is the source host, HDST the destination host, and Protocols the sub-set of the connection relations set that exists between the source host and the destination host. Special cases: {Empty Set} and {Localhost}.

  7. A vulnerability is a fault caused by an error in the design, development or configuration of software, or by the use of some kind of software, which could introduce loopholes into the design.
  • V = {vul1, vul2, …, vulm}; vul_i (i = 1, 2, …, m).
  • Every vulnerability is represented by a tuple (BID, NAME, OS, DATE).

  8. Hosts: computers, routers, switches, etc.
  • H = {h1, h2, …, hm}; h_i (i = 1, 2, …, m).
  • A host is represented by a tuple (HOSTID, OS, SVCS, VULS).
  • Summary: Security Status (SS) = {(P_n, h_i), (h_j, h_k, protocols)}, n = 1, 2, …, 4; i, j, k = 1, 2, …, m.

  9. Using a vulnerability to attack can be seen as a map from a set of preconditions to a set of results.
  • Attack_rule = {Preconditions, Postconditions}
  • Preconditions = {srcprivilege, dstprivilege, vuls, protocols}
  • Postconditions = {rslt_privilege, rslt_protocols, rslt_vuls}

  10. Attack_rule = { {Src_privilege, Dst_privilege, Vuls}, {Rslt_privilege, Rslt_protocols, Rslt_vuls} }

  11. The computer network security status space: SSP = (SS, AR)
  • SS = Security Space
  • AR = Attack Rules = {attack_rule1, attack_rule2, …, attack_rulem}

  12. The Node and Edge of the Attack Graph
  • Algorithm to Generate an Attack Route

  13. An attack graph is a graph-based description of the threats to the security of an information system, synthesized from the attacker's starting point, host information and network topology.
  • SSP can be used to describe the attack graph.
  • Nodes represent the SS. When a node transition occurs, the attacker's SS changes.
  • The directed edges represent the mapping relations as (HSRC, HDST, attack_rule).

  14. Assumption 1: The attacker has powerful attack ability, i.e. an attacker who knows the vulnerabilities in the system well has the ability to attack these vulnerabilities.
  • Assumption 2: The attacker is sophisticated, so that he does not launch an attack to obtain a privilege he already possesses.

  15. Algorithm:
  • Step 1: From the initial network state, find all network states the attacker could reach directly, and add these network states to the State Queue.
  • Step 2: Choose a state from the State Queue as the Cur state, and find all network states that could be reached directly from the Cur state as New states. If a state is new, add it to the State Queue.
  • Step 3: If the State Queue is not empty, return to step 2. If the State Queue is empty, the algorithm finishes.
  • Note: An attack graph tool such as Graphviz is used to render the attack graph generated by the above algorithm.

  16. Consider the following scenario:

  17. The connection relation is given as below:
  • The attacker will attack the internal network using host IP0, and the attacker has the highest privilege, ROOT, on IP0.
  • The objective is to obtain ROOT privilege on IP2.
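As an added worked example (not code from the slides or the paper), here is a small Python implementation of the security status space model from slides 4-11 and the state-queue algorithm from slide 15, run on a constructed version of the IP0 to IP2 scenario; the hosts, placeholder vulnerability ids, connection relations and attack rules are assumptions, since the slide's connection table is not in the transcript. The last function goes beyond the slides: it reports which single attack rule, if removed by patching its vulnerability, leaves no route to the objective.

```python
from collections import deque

# Privilege set P = {Access, Guest, User, Supuser, Root} from slide 4; "none" = no access.
PRIV = ["none", "Access", "Guest", "User", "Supuser", "Root"]

# Constructed scenario: hosts with placeholder vulnerability ids (not real BIDs) and
# connection relations (HSRC, HDST, protocols) as on slide 6. Not the slide's own table.
HOSTS = {"IP0": set(), "IP1": {"VUL-A"}, "IP2": {"VUL-B"}}
CONN = {("IP0", "IP1"): {"http"}, ("IP1", "IP2"): {"ssh"}}

# Attack rules (slide 9). Only rslt_privilege is modelled; rslt_protocols/rslt_vuls are
# assumed unchanged, which is a simplification of the paper's model.
RULES = [
    {"id": "ar1", "src_priv": "User", "dst_priv": "none", "vul": "VUL-A", "proto": "http", "rslt_priv": "User"},
    {"id": "ar2", "src_priv": "User", "dst_priv": "none", "vul": "VUL-B", "proto": "ssh", "rslt_priv": "Root"},
]

def successors(state, rules):
    """Yield (new_state, (HSRC, HDST, attack_rule)) for every rule that fires from state."""
    for (src, dst), protos in CONN.items():
        for r in rules:
            if PRIV.index(state[src]) < PRIV.index(r["src_priv"]) or \
               PRIV.index(state[dst]) < PRIV.index(r["dst_priv"]):
                continue  # privilege preconditions on source/destination not met
            if r["vul"] not in HOSTS[dst] or r["proto"] not in protos:
                continue  # vulnerability absent or no such connection relation
            if PRIV.index(r["rslt_priv"]) <= PRIV.index(state[dst]):
                continue  # Assumption 2: never attack for a privilege already held
            yield {**state, dst: r["rslt_priv"]}, (src, dst, r["id"])

def generate_attack_graph(initial, rules=RULES):
    """State-queue search of slide 15: nodes are SS, edges carry (HSRC, HDST, attack_rule)."""
    key = lambda s: tuple(sorted(s.items()))   # hashable form of a state
    nodes, edges, queue = {key(initial)}, [], deque([initial])
    while queue:
        cur = queue.popleft()
        for new, edge in successors(cur, rules):
            edges.append((key(cur), key(new), edge))
            if key(new) not in nodes:           # "If a state is new, add it to the queue"
                nodes.add(key(new))
                queue.append(new)
    return nodes, edges

def goal_reached(nodes, host, priv):
    return any(dict(n)[host] == priv for n in nodes)   # attacker holds priv on host somewhere

def critical_rules(initial, host, priv, rules=RULES):
    """Defender's view: rules whose removal alone (e.g. by patching) cuts every route."""
    return [r["id"] for r in rules
            if not goal_reached(generate_attack_graph(initial, [x for x in rules if x is not r])[0],
                                host, priv)]
```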

  18. One of the best ways to determine the security state of a computer network is to analyze its security attributes and come up with an attack graph.
  • Easy, usable and effective.
  • Future study: optimization of the graph generation algorithm.

  19. Network Security Analysis Based on Security Status Space. Tao Zhang, Chong Wu.
  • Network Security Evaluation through Attack Graph Generation. Zhang Lefung, Tang Hong.

  20. Thank you. Any Questions??
