Home // INTELLI 2014, The Third International Conference on Intelligent Systems and Applications // View article

The Concept of Attack Surface Reasoning

Authors:
Michael Atighetchi
Nathaniel Soule
Ron Watro
Joseph Loyall

Keywords: security, semantic web, analytical models

Abstract:
Today’s cyber defenses and cyber defenders face determined and diverse adversaries, who can study all aspects of deployed systems including networks, hosts, and the applications running on them, in order to find exploitable vulnerabilities and to devise attack vectors that exploit the detected vulnerabilities. The conflict between cyber attackers and cyber defenders is stacked against the defender. The defender must protect against all the ways that an adversary can cause potential loss of security, collectively called the attack surface, while the attacker needs to find only a single vulnerability and attack vector to be successful. This work-in-progress paper describes an AI-inspired approach for modeling and analyzing the attack surface of a distributed system. Once modeled, an attack surface can be quantified in terms of size and level of dynamism through four types of algorithms: path analysis, metric computation, path comparison, and path enumeration. Our approach supports relative comparison across multiple attack models for each combination of a system and a set of defenses, in order to select an appropriate set of defenses given a certain cost/benefit tradeoff.

Pages: 39 to 42

Copyright: Copyright (c) IARIA, 2014

Publication date: June 22, 2014

Published in: conference

ISSN: 2308-4065

ISBN: 978-1-61208-352-0

Location: Seville, Spain

Dates: from June 22, 2014 to June 26, 2014