Network attack modeling, analysis, and response

Disclosed is a system for modeling, analyzing, and responding to network attacks. Machines are mapped to components, components are mapped to vulnerabilities, and vulnerabilities are mapped to exploits. Each of the exploits includes at least one precondition mapped to at least one postcondition. An...

Full description

Saved in:
Bibliographic Details
Main Authors Jajodia, Sushil, Noel, Steven E, Kalapa, Pramod, O'Berry, Brian C, Jacobs, Michael A, Robertson, Eric B, Weierbach, Robert G
Format Patent
LanguageEnglish
Published 08.03.2011
Online AccessGet full text

Cover

More Information
Summary:Disclosed is a system for modeling, analyzing, and responding to network attacks. Machines are mapped to components, components are mapped to vulnerabilities, and vulnerabilities are mapped to exploits. Each of the exploits includes at least one precondition mapped to at least one postcondition. An attack graph which defines inter-exploit distances is generated using at least one of the exploits. The attack graph is aggregated. At least one hardening option is determined using the aggregated attack graph. Hardening options include applying at least one corrective measure to at least one initial condition, where the initial condition is the initial state of a precondition.