Visible to the public A Layered Graphical Model for Mission Attack Impact Analysis

TitleA Layered Graphical Model for Mission Attack Impact Analysis
Publication TypeConference Paper
Year of Publication2017
AuthorsLiu, C., Singhal, A., Wijesekera, D.
Conference Name2017 IEEE Conference on Communications and Network Security (CNS)
PublisherIEEE
ISBN Number978-1-5386-0683-4
Keywordsattack activities, attack logs, business data processing, business missions, Common Vulnerability Scoring System, compositionality, Computational modeling, Conferences, Cyber Dependencies, digital forensics, forensic investigators, Forensics, graph levels, graph theory, Human Behavior, human factors, layered graphical model, Legged locomotion, Metrics, military missions, mission attack impact analysis, NIST National Vulnerability Database, pubcrawl, resilience, Resiliency, Scalability, sockets, unanticipated cyber activities
Abstract

Business or military missions are supported by hardware and software systems. Unanticipated cyber activities occurring in supporting systems can impact such missions. In order to quantify such impact, we describe a layered graphical model as an extension of forensic investigation. Our model has three layers: the upper layer models operational tasks that constitute the mission and their inter-dependencies. The middle layer reconstructs attack scenarios from available evidence to reconstruct their inter-relationships. In cases where not all evidence is available, the lower level reconstructs potentially missing attack steps. Using the three levels of graphs constructed in these steps, we present a method to compute the impacts of attack activities on missions. We use NIST National Vulnerability Database's (NVD)-Common Vulnerability Scoring System (CVSS) scores or forensic investigators' estimates in our impact computations. We present a case study to show the utility of our model.

URLhttp://ieeexplore.ieee.org/document/8228706/
DOI10.1109/CNS.2017.8228706
Citation Keyliu_layered_2017