Scenario Graphs and Attack Graphs

Sheyner, Oleg M.

Scenario Graphs and Attack Graphs

Active / Technical Report | Accession Number: ADA461100 |

Open PDF

Abstract:

For the past twenty years, model checking has been used successfully in many engineering projects. Model checkers assist the engineer in identifying automatically individual design flaws in a system. A typical model checker takes as input a model of the system and a correctness specification. It checks the model against the specification for erroneous behavior. If erroneous behavior exists, the model checker produces an example that helps the user understand and address the problem. Once the problem is fixed, the user can repeat the process until the model satisfies the specification perfectly. In some situations the process of repeatedly checking for and fixing individual flaws does not work well. Sometimes it is not feasible to eliminate every undesirable behavior. For instance, network security cannot in practice be made perfect due to a combination of factors software complexity, desire to keep up with the latest features, expense of fixing known system vulnerabilities, etc. Despite these difficulties, network system administrators would invest the time and resources necessary to find and prevent the most destructive intrusion scenarios. However, the find problem- fix problem-repeat engineering paradigm inherent in traditional uses of model checkers does not make it easy to prioritize the problems and focus the limited available resources on the most pressing tasks.

Author(s):

Sheyner, Oleg M.

Author Organization(s):

CARNEGIE-MELLON UNIV PITTSBURGH PA SCHOOL OF COMPUTER SCIENCE

Descriptive Note:

Doctoral thesis

Supplementary Note:

The original document contains color images. Sponsored in part by AFRL and MPO under contract no. MDA904-99C5-020.

Pagination:

0142

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

CMU-CS-04-122

Contract/Grant Number(s):

DAAD19-01-1-0485, F30602-00-2-0523

Monitor Series:

ARO

Subject Terms

Joint Capability Areas:

JCA_7_Protection; JCA_5_Command and Control; JCA_6_Net Centric; JCA_7.2.1_Mitigate Lethal Effects; JCA_7.2_Mitigate; JCA_5.3_Planning; JCA_6.1_Information Transport; JCA_6.4.1_Secure Information Exchange; JCA_4.7.2_Installation Services; JCA_4.7_Base and Installations Support; JCA_6.4_Information Assurance; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_5.3.2_Apply Situational Understanding; JCA_8_Building Partnerships; JCA_8.2_Shape; JCA_8.2.4_Leverage Capacities and Capabilities of Security Establishments; JCA_5.3.3_Develop Strategy; JCA_3.2_Engagement; JCA_3_Force Application; JCA_3.2.2_Non-Kinetic Means

Modernization Areas:

Cyber; Quantum Science and Computing; AI and Machine Learning

Communities of Interest:

Energy and Power Technologies

Descriptor(s):

*GRAPHS, ALGORITHMS, SCENARIOS, THESES, INTRUSION DETECTION(COMPUTERS), ELECTRONIC SECURITY, ATTACK, NETWORKS

Field(s)/Group(s):

Computer Programming and Software

Report Date:

2004 Apr 14

Creation Date:

2007 Feb 21