A Study on an Extended Cyber Attack Tree for an Analysis of Network Vulnerability

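  • Jung Ho Eom (BK21, School of Information and Communication Engineering, Sungkyunkwan University) ;
  • Seon-Ho Park (Department of Computer Engineering, Sungkyunkwan University) ;
  • Tai-Myoung Chung (Department of Computer Engineering, Sungkyunkwan University)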
  • Received : 2010.08.07
  • Accepted : 2010.08.28
  • Published : 2010.09.30

Abstract

We extended the general attack tree so that it can be applied to a cyber attack model for network vulnerability analysis. We define an extended cyber attack tree (E-CAT), which extends the general attack tree by associating each node of the tree with a transition of attack that could have contributed to the cyber attack. The E-CAT resolves the limitation that a general attack tree cannot express complex and sophisticated attacks. First, the Boolean expression can simply express an attack scenario with symbols and codes. Second, an Attack Generation Probability is used to select the attack method in an attack tree. A CONDITION-composition can express new and modified attack transitions that a general attack tree cannot express. When applied to a cyber attack model, the E-CAT gives attacks flexibility and improves the attack success rate.
