Franqueira, Virginia N. L., Lopes, Raul H. C., van Eck, Pascal (2009) Multi-step Attack Modelling and Simulation (MsAMS) Framework Based on Mobile Ambients. In: Proceedings of the 2009 ACM symposium on Applied Computing (SAC 09). . pp. 66-73. ACM Press ISBN 978-1-60558-166-8. (doi:10.1145/1529282.1529294) (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided) (KAR id:77202)
PDF
Publisher pdf
Language: English Restricted to Repository staff only |
|
|
|
Official URL: https://doi.org/10.1145/1529282.1529294 |
Abstract
Attackers take advantage of any security breach to penetrate an organisation perimeter and exploit hosts as stepping stones to reach valuable assets, deeper in the network. The exploitation of hosts is possible not only when vulnerabilities in commercial off-the-shelf (COTS) software components are present, but also, for example, when an attacker acquires a credential on one host which allows exploiting further hosts on the network. Finding attacks involving the latter case requires the ability to represent dynamic models. In fact, more dynamic aspects are present in the network domain such as attackers accumulate resources (i.e. credentials) along an attack, and users and assets may move from one environment to another, although always constrained by the ruling of the network. In this paper we address these dynamic issues by presenting MsAMS (Multi-step Attack Modelling and Simulation), an implemented framework, based on Mobile Ambients, to discover attacks in networks. The idea of ambients fits naturally into this domain and has the advantage of providing flexibility for modelling. Additionally, the concept of mobility allows the simulation of attackers exploiting opportunities derived either from the exploitation of vulnerable and non-vulnerable hosts, through the acquisition of credentials. It also allows expressing security policies embedded in the rules of the ambients.
Item Type: | Conference or workshop item (Proceeding) |
---|---|
DOI/Identification number: | 10.1145/1529282.1529294 |
Uncontrolled keywords: | Network Attack, Vulnerability Assessment, Attack Graph, Hypergraph |
Divisions: | Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing |
Depositing User: | Virginia Franqueira |
Date Deposited: | 10 Oct 2019 16:06 UTC |
Last Modified: | 16 Nov 2021 10:26 UTC |
Resource URI: | https://kar.kent.ac.uk/id/eprint/77202 (The current URI for this page, for reference purposes) |
- Export to:
- RefWorks
- EPrints3 XML
- BibTeX
- CSV
- Depositors only (login required):