A Layered Graphical Model for Mission Attack Impact Analysis
Title | A Layered Graphical Model for Mission Attack Impact Analysis |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Liu, C., Singhal, A., Wijesekera, D. |
Conference Name | 2017 IEEE Conference on Communications and Network Security (CNS) |
Publisher | IEEE |
ISBN Number | 978-1-5386-0683-4 |
Keywords | attack activities, attack logs, business data processing, business missions, Common Vulnerability Scoring System, compositionality, Computational modeling, Conferences, Cyber Dependencies, digital forensics, forensic investigators, Forensics, graph levels, graph theory, Human Behavior, human factors, layered graphical model, Legged locomotion, Metrics, military missions, mission attack impact analysis, NIST National Vulnerability Database, pubcrawl, resilience, Resiliency, Scalability, sockets, unanticipated cyber activities |
Abstract | Business or military missions are supported by hardware and software systems. Unanticipated cyber activities occurring in supporting systems can impact such missions. In order to quantify such impact, we describe a layered graphical model as an extension of forensic investigation. Our model has three layers: the upper layer models operational tasks that constitute the mission and their inter-dependencies. The middle layer reconstructs attack scenarios from available evidence to reconstruct their inter-relationships. In cases where not all evidence is available, the lower level reconstructs potentially missing attack steps. Using the three levels of graphs constructed in these steps, we present a method to compute the impacts of attack activities on missions. We use NIST National Vulnerability Database's (NVD)-Common Vulnerability Scoring System (CVSS) scores or forensic investigators' estimates in our impact computations. We present a case study to show the utility of our model. |
URL | http://ieeexplore.ieee.org/document/8228706/ |
DOI | 10.1109/CNS.2017.8228706 |
Citation Key | liu_layered_2017 |
- Human behavior
- unanticipated cyber activities
- sockets
- Scalability
- Resiliency
- resilience
- pubcrawl
- NIST National Vulnerability Database
- mission attack impact analysis
- military missions
- Metrics
- Legged locomotion
- layered graphical model
- Human Factors
- attack activities
- graph theory
- graph levels
- Forensics
- forensic investigators
- Digital Forensics
- Cyber Dependencies
- Conferences
- Computational modeling
- Compositionality
- Common Vulnerability Scoring System
- business missions
- business data processing
- attack logs