Title :
Study of generating attack graph based on privilege escalation for computer networks
Author :
Chen, Xiuzhen ; Li, Jianhua ; Zhang, Shaojun
Author_Institution :
Sch. of Inf. Security Eng., Shanghai Jiaotong Univ., Shanghai, China
Abstract :
All current vulnerability assessment tools can only locate individual vulnerabilities on a single host, without considering the correlated effect of these vulnerabilities. To address this issue, this paper proposes a method of generating attack graphs based on privilege escalation. Vulnerabilities and known attacks, with their prerequisites and consequences, are modeled using predicate logic theory and correlated so that attack graphs are constructed automatically, drawing on the strong operational power of an RDBMS. The testing result shows that this system can discover security problems that would go undetected if the hosts in a network were only assessed individually, without simulating attacks. As an application based on a relational database, it can be easily integrated with other RDBMS-based security tools.
Keywords :
computer networks; graph theory; relational databases; telecommunication security; RDBMS; attack graph; computer networks; predicate logic theory; privilege escalation; relational database; Computer networks; Data security; Explosions; Information security; Logic programming; Power system modeling; Power system security; Relational databases; Search engines; Visualization; attack graph; network security; predicate logic; relational database management system; vulnerability;
Conference_Title :
Communication Systems, 2008. ICCS 2008. 11th IEEE Singapore International Conference on
Conference_Location :
Guangzhou
Print_ISBN :
978-1-4244-2423-8
Electronic_ISBN :
978-1-4244-2424-5
DOI :
10.1109/ICCS.2008.4737375