http://dx.doi.org/10.13089/JKIISC.2011.21.3.67

An Architecture of a Dynamic Cyber Attack Tree: Attributes Approach  

Eom, Jung-Ho (Daejeon University)
Abstract
In this paper, we present a dynamic cyber attack tree that can flexibly describe attack scenarios for an active cyber attack model that can detect complex and transformed attack methods. An attack tree provides a formal, methodical way of describing security safeguards against varying attacks on a network system. The existing attack tree describes an attack scenario using vertices, edges and composition. However, it is limited in expressing complex and new attacks because of the restrictions of the attack tree's attributes. We solved these limitations of the existing attack tree by adding a threat occurrence probability and 2 components of composition to the attributes. First, by reinforcing composition, we improved the flexibility to describe complex and transformed attack methods and reduced the ambiguity of the attack sequence. Second, by adding a threat occurrence probability, we can identify the risk level of the attack at each attack phase from child node to parent node.
Keywords
IM-ACM; Insider threat; Access Control;