Hybrid attack path enumeration system based on reputation scores

Young Hoon Moon; Ji Hong Kim; Dong Seong Kim; Huy Kang Kim

doi:10.1109/CIT.2016.75

Hybrid attack path enumeration system based on reputation scores

Young Hoon Moon, Ji Hong Kim, Dong Seong Kim, Huy Kang Kim

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

4 Citations (Scopus)

Abstract

As the cyber-attack trends are shifted from the volumetric attacks to the multi-layered attacks, it is more difficult for the IT administrators to find those attack attempts within their system and networks. However, vulnerability assessment is not easy due to the complex connections between multi-layered applications, servers, and networks. There are many security functionalities, but it is hard to apply strong security functionality to every information asset. In many cases, especially low computing power devices, authentication is the only or the first defense mechanism. Also, IT administrators continuously remove security vulnerabilities in applications, operating systems, and networks, but security vulnerabilities are repeatedly found due to the vendor's lack of security development process. To establish practical security defense strategy in the multi-layered network environment, we propose an advanced attack path enumeration methodology based on IT asset's reputations and authentication score. A predictive attack path enumeration based on our proposed method can help to find the best defense plan. We demonstrate our approach by design and implementation of a Hacking response measurement system and case study.

Original language	English
Title of host publication	Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	241-248
Number of pages	8
ISBN (Electronic)	9781509043149
DOIs	https://doi.org/10.1109/CIT.2016.75
Publication status	Published - 2017 Mar 10
Event	16th IEEE International Conference on Computer and Information Technology, CIT 2016 - Nadi, Fiji Duration: 2016 Dec 7 → 2016 Dec 10

Other

Other	16th IEEE International Conference on Computer and Information Technology, CIT 2016
Country/Territory	Fiji
City	Nadi
Period	16/12/7 → 16/12/10

Keywords

Attack graph
Attack path enumeration
Automated defense

ASJC Scopus subject areas

Software
Computer Science Applications
Computer Networks and Communications
Information Systems
Safety, Risk, Reliability and Quality

Access to Document

10.1109/CIT.2016.75

Cite this

Moon, Y. H., Kim, J. H., Kim, D. S., & Kim, H. K. (2017). Hybrid attack path enumeration system based on reputation scores. In Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016 (pp. 241-248). [7876344] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CIT.2016.75

Hybrid attack path enumeration system based on reputation scores. / Moon, Young Hoon; Kim, Ji Hong; Kim, Dong Seong et al.
Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 241-248 7876344.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Moon, YH, Kim, JH, Kim, DS & Kim, HK 2017, Hybrid attack path enumeration system based on reputation scores. in Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016., 7876344, Institute of Electrical and Electronics Engineers Inc., pp. 241-248, 16th IEEE International Conference on Computer and Information Technology, CIT 2016, Nadi, Fiji, 16/12/7. https://doi.org/10.1109/CIT.2016.75

Moon YH, Kim JH, Kim DS, Kim HK. Hybrid attack path enumeration system based on reputation scores. In Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 241-248. 7876344 doi: 10.1109/CIT.2016.75

Moon, Young Hoon ; Kim, Ji Hong ; Kim, Dong Seong et al. / Hybrid attack path enumeration system based on reputation scores. Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 241-248

@inproceedings{360c9ea6175043c7a377c844247c7bb0,

title = "Hybrid attack path enumeration system based on reputation scores",

abstract = "As the cyber-attack trends are shifted from the volumetric attacks to the multi-layered attacks, it is more difficult for the IT administrators to find those attack attempts within their system and networks. However, vulnerability assessment is not easy due to the complex connections between multi-layered applications, servers, and networks. There are many security functionalities, but it is hard to apply strong security functionality to every information asset. In many cases, especially low computing power devices, authentication is the only or the first defense mechanism. Also, IT administrators continuously remove security vulnerabilities in applications, operating systems, and networks, but security vulnerabilities are repeatedly found due to the vendor's lack of security development process. To establish practical security defense strategy in the multi-layered network environment, we propose an advanced attack path enumeration methodology based on IT asset's reputations and authentication score. A predictive attack path enumeration based on our proposed method can help to find the best defense plan. We demonstrate our approach by design and implementation of a Hacking response measurement system and case study.",

keywords = "Attack graph, Attack path enumeration, Automated defense",

author = "Moon, {Young Hoon} and Kim, {Ji Hong} and Kim, {Dong Seong} and Kim, {Huy Kang}",

year = "2017",

month = mar,

day = "10",

doi = "10.1109/CIT.2016.75",

language = "English",

pages = "241--248",

booktitle = "Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

note = "16th IEEE International Conference on Computer and Information Technology, CIT 2016 ; Conference date: 07-12-2016 Through 10-12-2016",

}

TY - GEN

T1 - Hybrid attack path enumeration system based on reputation scores

AU - Moon, Young Hoon

AU - Kim, Ji Hong

AU - Kim, Dong Seong

AU - Kim, Huy Kang

PY - 2017/3/10

Y1 - 2017/3/10

N2 - As the cyber-attack trends are shifted from the volumetric attacks to the multi-layered attacks, it is more difficult for the IT administrators to find those attack attempts within their system and networks. However, vulnerability assessment is not easy due to the complex connections between multi-layered applications, servers, and networks. There are many security functionalities, but it is hard to apply strong security functionality to every information asset. In many cases, especially low computing power devices, authentication is the only or the first defense mechanism. Also, IT administrators continuously remove security vulnerabilities in applications, operating systems, and networks, but security vulnerabilities are repeatedly found due to the vendor's lack of security development process. To establish practical security defense strategy in the multi-layered network environment, we propose an advanced attack path enumeration methodology based on IT asset's reputations and authentication score. A predictive attack path enumeration based on our proposed method can help to find the best defense plan. We demonstrate our approach by design and implementation of a Hacking response measurement system and case study.

AB - As the cyber-attack trends are shifted from the volumetric attacks to the multi-layered attacks, it is more difficult for the IT administrators to find those attack attempts within their system and networks. However, vulnerability assessment is not easy due to the complex connections between multi-layered applications, servers, and networks. There are many security functionalities, but it is hard to apply strong security functionality to every information asset. In many cases, especially low computing power devices, authentication is the only or the first defense mechanism. Also, IT administrators continuously remove security vulnerabilities in applications, operating systems, and networks, but security vulnerabilities are repeatedly found due to the vendor's lack of security development process. To establish practical security defense strategy in the multi-layered network environment, we propose an advanced attack path enumeration methodology based on IT asset's reputations and authentication score. A predictive attack path enumeration based on our proposed method can help to find the best defense plan. We demonstrate our approach by design and implementation of a Hacking response measurement system and case study.

KW - Attack graph

KW - Attack path enumeration

KW - Automated defense

UR - http://www.scopus.com/inward/record.url?scp=85017406724&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85017406724&partnerID=8YFLogxK

U2 - 10.1109/CIT.2016.75

DO - 10.1109/CIT.2016.75

M3 - Conference contribution

AN - SCOPUS:85017406724

SP - 241

EP - 248

BT - Proceedings - 2016 16th IEEE International Conference on Computer and Information Technology, CIT 2016, 2016 6th International Symposium on Cloud and Service Computing, IEEE SC2 2016 and 2016 International Symposium on Security and Privacy in Social Networks and Big Data, SocialSec 2016

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 16th IEEE International Conference on Computer and Information Technology, CIT 2016

Y2 - 7 December 2016 through 10 December 2016

ER -

Hybrid attack path enumeration system based on reputation scores

Abstract

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this