Project

Mission impact analysis in enterprise networks

Project (M.S., Computer Science)--California State University, Sacramento, 2017.

An intruder attacks a computer network and breaks into it by exploiting a combination of system vulnerabilities. An attack graph models security vulnerabilities of a network and a sequence of all possible exploits that an intruder can use to get incremental access to critical resources. However, an attack graph fails in assuring missions of the victim networks. Current research does not concentrate on the impact of attacks on missions.
 To prevent or minimize the possibility of critical missions from getting impacted, mission cyber resilience or active cyber defense is very important. Mission impact graph is a graphical model that enables mission impact assessment and cyber resilience or active cyber defense. As a result, it can improve cyber resilience analysis on systems with critical missions.
 Even though these graphs are efficient, their size and complexity can make them difficult for human to fully understand and make use of the information received. Filtering
 this huge amount of complex information is important to help an administrator of a network effectively allocate resources. Therefore, we require a way to prioritize this valuable information into a priority list to help an administrator better understand security problems and efficiently utilize human and financial resources.
 Following an approach based on Google PageRank and Asset Rank, we compute relative importance of the nodes in a mission impact graph. The nodes in a mission impact graph contain information such as mission-task dependencies; status of missions, tasks, services and assets; and the causality relationships between all the nodes. As a result, it can significantly improve the understanding of security risks on a network and analyze proper countermeasures.

An intruder attacks a computer network and breaks into it by exploiting a combination of system vulnerabilities. An attack graph models security vulnerabilities of a network and a sequence of all possible exploits that an intruder can use to get incremental access to critical resources. However, an attack graph fails in assuring missions of the victim networks. Current research does not concentrate on the impact of attacks on missions. To prevent or minimize the possibility of critical missions from getting impacted, mission cyber resilience or active cyber defense is very important. Mission impact graph is a graphical model that enables mission impact assessment and cyber resilience or active cyber defense. As a result, it can improve cyber resilience analysis on systems with critical missions. Even though these graphs are efficient, their size and complexity can make them difficult for human to fully understand and make use of the information received. Filtering this huge amount of complex information is important to help an administrator of a network effectively allocate resources. Therefore, we require a way to prioritize this valuable information into a priority list to help an administrator better understand security problems and efficiently utilize human and financial resources. Following an approach based on Google PageRank and Asset Rank, we compute relative importance of the nodes in a mission impact graph. The nodes in a mission impact graph contain information such as mission-task dependencies; status of missions, tasks, services and assets; and the causality relationships between all the nodes. As a result, it can significantly improve the understanding of security risks on a network and analyze proper countermeasures.

Relationships

Items