01 Rieke


Published in: Technology
Transcript

  • 1. Systematic Network Vulnerability Analysis based on Attack Graphs
    Roland Rieke, Fraunhofer-Institut Sichere Telekooperation, Rheinstrasse 75, D-64295 Darmstadt, Germany
    E-Mail: rieke@sit.fraunhofer.de
    http://private.sit.fraunhofer.de/~rol
    http://www.sit.fraunhofer.de/meta
    CELTIC Information Day 2004
    Slide footer: Roland Rieke, Network Vulnerability Analysis based on Attack Graphs
  • 2. Challenge: Protect Critical Information Infrastructures
    Process to guide the systematic protection:
      1. identify the organization's critical infrastructures
      2. determine the threats against those infrastructures
      3. analyse the vulnerabilities of threatened infrastructures
      4. assess the risks of degradation/loss of a critical infrastructure
      5. apply countermeasures where risk is unacceptable
    Objective of proposed Project:
      - support this analytical process
      - develop tool based methods for a systematic evaluation
      - assist with finally determining exactly what really needs protection & which strategy and means to apply
  • 4. Example Scenario
    [Figure: network diagram. Labels: Attacker, Internet, telework, Enterprise Network, portal, nix_host, db_server, ms_host, Vulnerability DB.]
    Vulnerability identifiers shown on the hosts: CAN_2003_0715, CAN_2003_0693, CAN_2003_0620, CAN_2003_0694, CVE_1999_0035, CAN_2002_0649, CAN_2002_1262. The Vulnerability DB shows placeholder entries CVE_xxxx_yyyy and CAN_xxxx_yyyy.
    Legend:
      - CVE/CAN = common vulnerabilities and exposures
      - IDS = intrusion detection system
      - IDS_type1 detects CAN_2003_0693_ssh_exploit & rsh_login
      - IDS_type2 detects CAN_2002_0649_sql_exploit
  • 5. Example Scenario
    [Figure: the same network diagram, with IDS_type1 and IDS_type2 now appearing as labels in the figure. Labels: Attacker, Internet, telework, Enterprise Network, portal, nix_host, db_server, ms_host, Vulnerability DB.]
    Vulnerability identifiers shown on the hosts: CAN_2003_0715, CAN_2003_0693, CAN_2003_0620, CAN_2003_0694, CVE_1999_0035, CAN_2002_0649, CAN_2002_1262. The Vulnerability DB shows placeholder entries CVE_xxxx_yyyy and CAN_xxxx_yyyy.
    Legend:
      - CVE/CAN = common vulnerabilities and exposures
      - IDS = intrusion detection system
      - IDS_type1 detects CAN_2003_0693_ssh_exploit & rsh_login
      - IDS_type2 detects CAN_2002_0649_sql_exploit
  • 6. Approach: Attack Graph Computation & Analysis
    State components of the model:
      - Attacker: select Exploit; select Source + Target; apply Exploit
      - Exploits / Vulnerabilities: Identifier; Preconditions; Impact
      - Enterprise Network: Hosts (Products, Services); Topology (Firewalls); Intrusion Detection Systems
  • 7. Approach: Attack Graph Computation & Analysis
    State components of the model:
      - Attacker: select Exploit; select Source + Target; apply Exploit
      - Exploits / Vulnerabilities: Identifier; Preconditions; Impact
      - Enterprise Network: Hosts (Products, Services); Topology (Firewalls); Intrusion Detection Systems
    [Figure: Attack Graph. Labels: initial state, state transition; nodes M-1, M-4, M-3, M-8.]
  • 8. Approach: Attack Graph Computation & Analysis
    State components of the model:
      - Attacker: select Exploit; select Source + Target; apply Exploit
      - Exploits / Vulnerabilities: Identifier; Preconditions; Impact
      - Enterprise Network: Hosts (Products, Services); Topology (Firewalls); Intrusion Detection Systems
      - Counteraction or Service
    [Figure: Attack Graph. Labels: initial state, state transition, possible global states; nodes M-1, M-4, M-3, M-9, M-8, M-2.]
  • 9. Attack Graph Analysis: Questions
      - Survivability: Can a client get answers from a DB-server when the network is under attack?
      - Check security properties: What security goals can be broken by a combination of exploits?
      - Quick check: "Am I affected" by a newly found vulnerability?
      - Intrusion detection: What attacks are detected? What are the effects of changes to intrusion detection systems?
      - Cost/Benefit analysis: Find the least cost attack breaking a given security property. How much impact can an attacker produce given a set of exploits?
      - Abstraction: What does the attack graph look like when only attacks that affect mission critical resources are shown?
    [Figure: Attack graph with nodes M-1, M-4, M-3, M-9, M-8, M-2.]
  • 15. Scope of proposed Project
    Develop Methodology & Tool support:
      1. specification of critical network infrastructures
      2. specification of known threats against network
      3. analyse the vulnerabilities & verify security properties
      4. cost-benefit analysis using risk assessments
      5. survivability & countermeasure evaluation
    Current Status:
      - some research work on methodology and prototype tool done
      - presentation at Eicar Conference (May 2004)
      - (industrial) partners needed for potential CELTIC consortium
      - proposed work could be part of CELTIC Security Laboratory
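The approach slides (exploits with preconditions and impact, applied over a network model to produce state transitions) and two of the analysis questions (least cost attack, effect of intrusion detection) can be illustrated with a small state-space search. This is an added example, not code from the presentation or its prototype tool; host and exploit names echo the slides, while the topology, the placement of vulnerabilities, the costs and the IDS coverage are assumptions constructed for illustration.

```python
import heapq
from itertools import count

# Constructed sample model; host and exploit names echo the slides, but the
# topology, vulnerability placement, costs and IDS coverage are assumptions.
REACH = {("attacker", "portal"), ("portal", "nix_host"),
         ("portal", "db_server"), ("nix_host", "db_server")}  # firewall-permitted links
VULNS = {"portal": {"CAN_2003_0693_ssh_exploit"},
         "nix_host": {"CAN_2003_0693_ssh_exploit", "rsh_login"},
         "db_server": {"CAN_2002_0649_sql_exploit"}}
COST = {"CAN_2003_0693_ssh_exploit": 3, "rsh_login": 1, "CAN_2002_0649_sql_exploit": 2}
# IDS coverage as (link watched, exploit recognised) pairs
IDS = {(("portal", "db_server"), "CAN_2002_0649_sql_exploit")}

def transitions(state):
    """Yield (exploit, src, dst, next_state) for every exploit applicable in state."""
    for src, dst in sorted(REACH):
        if src in state and dst not in state:           # precondition: foothold on src
            for exploit in sorted(VULNS.get(dst, ())):
                yield exploit, src, dst, state | {dst}  # impact: control of dst

def attack_graph(initial=frozenset({"attacker"})):
    """Enumerate all reachable global states and the transitions between them."""
    seen, edges, todo = {initial}, [], [initial]
    while todo:
        state = todo.pop()
        for exploit, src, dst, nxt in transitions(state):
            edges.append((state, (exploit, src, dst), nxt))
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen, edges

def least_cost_attack(goal, undetected_only=False, initial=frozenset({"attacker"})):
    """Dijkstra over the state space; returns (cost, steps) or None if unreachable."""
    tie = count()  # tie-breaker so the heap never compares states
    heap, done = [(0, next(tie), initial, [])], set()
    while heap:
        cost, _, state, path = heapq.heappop(heap)
        if goal in state:
            return cost, path
        if state in done:
            continue
        done.add(state)
        for exploit, src, dst, nxt in transitions(state):
            if undetected_only and ((src, dst), exploit) in IDS:
                continue  # this step would raise an alert; exclude it
            heapq.heappush(heap, (cost + COST[exploit], next(tie), nxt, path + [(exploit, src, dst)]))
    return None
```

Comparing `least_cost_attack("db_server")` with `least_cost_attack("db_server", undetected_only=True)` shows what a sensor placement buys: in this constructed model the cheapest path is covered, but a longer path through nix_host is not, which points to where the next sensor or firewall rule belongs.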