ATTACK GRAPH GENERATION WITH INFUSED FUZZY CLUSTERING
Sudip Misra, Mohammad S. Obaidat, Atig Bagchi, Ravindara Bhatt, Soumalya Ghosh
2009
Abstract
Modern networks have been growing rapidly in size and complexity, making manual vulnerability assessment and mitigation impractical. Automation of these tasks is therefore desirable (Obaidat and Boudriga, 2007; Bhattacharya et al., 2008). Existing network security tools can be classified into two approaches: proactive (such as vulnerability scanning and the use of firewalls) and reactive (intrusion detection systems). Proactive approaches have an edge over reactive ones because they have threat information prior to the attack. One proactive approach, the generation and analysis of attack graphs, has gained popularity. In this paper, we present an algorithm to automatically generate attack graphs based on the prevalent network conditions. The nodes in the graph generated by our proposed algorithm are grouped based on the logical graph paradigm, which helps in visualizing the dependencies among the various initial and generated network configurations on the way to the attacker’s goal. In addition, fuzzy logic based clustering is applied to the generated data corresponding to each such group. This form of clustering is beneficial because in the real world the boundaries between clusters are indistinct, and it leads to better visualization of the attack graph. Our goal is to design and develop an efficient approach for automatic attack graph generation and visualization. The approach uses an attack graph generation algorithm and requires the initial network conditions as input. Fuzzy logic based clustering, Fuzzy C-Means (FCM) (Bezdek, 1981), is applied to the output of the attack graph generation algorithm to improve visualization. Our approach helps the network administrator visualize the attack graph efficiently, which reduces the administrator's burden to a large extent.
References
- M. S. Obaidat and N. Boudriga, “Security of e-Systems and Computer Networks,” Cambridge University Press, 2007.
- S. Bhattacharya, S. Malhotra, S. K. Ghosh, “A Scalable Representation towards Attack Graph Generation,” Proceedings of the 2008 1st International Conference on Information Technology (IT 2008), 19-21 May 2008, Gdansk, Poland.
- J. C. Bezdek, “Pattern Recognition with Fuzzy Objective Function Algorithms,” Plenum Press, New York, 1981.
- O. M. Sheyner, “Scenario Graphs and Attack Graphs,” PhD Thesis, Carnegie Mellon University, USA, April 2004.
- R. P. Lippmann and K. W. Ingols, “An Annotated Review of Past Papers on Attack Graphs,” Project Report IA-1, Lincoln Laboratory, MIT, 31 March 2005.
- J. Han, M. Kamber, “Data Mining: Concepts and Techniques,” Morgan Kaufmann Publishers, 2001.
- J. C. Dunn, “A fuzzy relative of the ISODATA process and its use in detecting compact well separated clusters,” J. Cybernetics, Vol. 3, pp. 32-57, 1974.
- I. S. Moskowitz and M. H. Kang, “An insecurity flow model,” In Proceedings of the 6th New Security Paradigms Workshop, Langdale, UK, pp. 61-74, 1997.
- C. Phillips, L. P. Swiler, “A graph-based system for network-vulnerability analysis,” In Proceedings of the Workshop on New Security Paradigms (NSPW), pp. 71-79, 22-26 September 1998.
- L. P. Swiler, C. Phillips, D. Ellis, and S. Chakerian, “Computer-Attack Graph Generation Tool,” Proceedings of the Second DARPA Information Survivability Conference and Exposition (DISCEX II), Volume II, pp. 307-321, IEEE Computer Society, 2001.
- X. Ou, W. F. Boyer, M. A. McQueen, “A Scalable Approach to Attack Graph Generation,” Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), Alexandria, Virginia, USA, pp. 336-345, 30 October - 3 November 2006.
- O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. M. Wing, “Automated generation and analysis of attack graphs,” In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 254-265, 2002.
Paper Citation
in Harvard Style
Misra S., Obaidat M., Bagchi A., Bhatt R. and Ghosh S. (2009). ATTACK GRAPH GENERATION WITH INFUSED FUZZY CLUSTERING. In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2009) ISBN 978-989-674-005-4, pages 92-98. DOI: 10.5220/0002277000920098
in Bibtex Style
@conference{secrypt09,
author={Sudip Misra and Mohammad S. Obaidat and Atig Bagchi and Ravindara Bhatt and Soumalya Ghosh},
title={ATTACK GRAPH GENERATION WITH INFUSED FUZZY CLUSTERING},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2009)},
year={2009},
pages={92-98},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002277000920098},
isbn={978-989-674-005-4},
}
in EndNote Style
TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2009)
TI - ATTACK GRAPH GENERATION WITH INFUSED FUZZY CLUSTERING
SN - 978-989-674-005-4
AU - Misra S.
AU - Obaidat M.
AU - Bagchi A.
AU - Bhatt R.
AU - Ghosh S.
PY - 2009
SP - 92
EP - 98
DO - 10.5220/0002277000920098