Abstract
Computer security has recently become increasingly important as the world economy's dependence on data has kept growing. The complexity of the systems that need to be kept secure calls for new models capable of abstracting the interdependencies among heterogeneous components that cooperate to provide the desired service. A promising approach is attack graph analysis; however, the manual analysis of attack graphs is tedious and error-prone. In this paper we propose applying the metabolic network model to attack graph analysis, using three interacting bio-inspired algorithms: topological analysis, flux balance analysis, and extreme pathway analysis. A framework developed for graph building and simulation, as well as an introductory use case, are also outlined.
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Conti, V., Ruffo, S.S., Merlo, A., Migliardi, M., Vitabile, S. (2018). A Bio-inspired Approach to Attack Graphs Analysis. In: Castiglione, A., Pop, F., Ficco, M., Palmieri, F. (eds) Cyberspace Safety and Security. CSS 2018. Lecture Notes in Computer Science, vol 11161. Springer, Cham. https://doi.org/10.1007/978-3-030-01689-0_5
DOI: https://doi.org/10.1007/978-3-030-01689-0_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-01688-3
Online ISBN: 978-3-030-01689-0
eBook Packages: Computer Science, Computer Science (R0)