Efficient Attack Graph Analysis through Approximate Inference
Attack graphs provide compact representations of the attack paths that an
attacker can follow to compromise network resources by analysing network
vulnerabilities and topology. These representations are a powerful tool for
security risk assessment. Bayesian inference on attack graphs enables the
estimation of the risk of compromise to the system's components given their
vulnerabilities and interconnections, and accounts for multi-step attacks
spreading through the system. Whilst static analysis considers the risk posture
at rest, dynamic analysis also accounts for evidence of compromise, e.g. from
SIEM software or forensic investigation. However, in this context, exact
Bayesian inference techniques do not scale well. In this paper we show how
Loopy Belief Propagation - an approximate inference technique - can be applied
to attack graphs, and that it scales linearly in the number of nodes for both
static and dynamic analysis, making such analyses viable for larger networks.
We experiment with different topologies and network clustering on synthetic
Bayesian attack graphs with thousands of nodes to show that the algorithm's
accuracy is acceptable and that it converges to a stable solution. We compare sequential
and parallel versions of Loopy Belief Propagation with exact inference
techniques for both static and dynamic analysis, showing the advantages of
approximate inference techniques to scale to larger attack graphs.
Comment: 30 pages, 14 figures
Exact Inference Techniques for the Analysis of Bayesian Attack Graphs
Attack graphs are a powerful tool for security risk assessment by analysing
network vulnerabilities and the paths attackers can use to compromise network
resources. The uncertainty about the attacker's behaviour makes Bayesian
networks suitable to model attack graphs to perform static and dynamic
analysis. Previous approaches have focused on the formalization of attack
graphs into a Bayesian model rather than proposing mechanisms for their
analysis. In this paper we propose to use efficient algorithms to perform exact
inference in Bayesian attack graphs, enabling static and dynamic network
risk assessment. To support the validity of our approach we have performed an
extensive experimental evaluation on synthetic Bayesian attack graphs with
different topologies, showing the computational advantages in terms of time and
memory use of the proposed techniques when compared to existing approaches.
Comment: 14 pages, 15 figures
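The two abstracts above describe the same object from two sides: exact marginals on a Bayesian attack graph versus the Loopy Belief Propagation approximation, each in a static (no evidence) and a dynamic (evidence from a SIEM alert) setting. The script below is an added example, not code from either paper: it builds a four-host attack graph with noisy-OR conditional probabilities, computes exact marginals by brute-force enumeration (the exponential cost that the exact-inference paper's algorithms are designed to avoid), and runs sum-product LBP on the same factor graph. The host names, edge probabilities and the single piece of evidence are constructed for illustration and are not taken from the papers.

```python
"""Bayesian attack graph: exact marginals by enumeration vs. Loopy Belief Propagation.

Added example, not code from either paper above. Nodes are binary attacker
states ("attacker controls host X"); a non-root node's CPT is a noisy-OR of
its parents, with one exploit-success probability per edge; roots carry a
prior. Evidence (e.g. a SIEM alert) is a hard observation on a node.
"""
import itertools

# Constructed toy network (probabilities are illustrative, not from the papers).
# node -> (prior for a root, {parent: P(exploit on that hop succeeds)})
TREE_GRAPH = {
    "web":  (0.7, {}),               # internet-facing, prior = P(initial foothold)
    "app":  (None, {"web": 0.5}),
    "db":   (None, {"app": 0.6}),
    "file": (None, {"app": 0.3}),
}
# Same network plus a direct web->db path: the undirected cycle web-app-db
# makes the factor graph loopy, so LBP becomes an approximation.
LOOPY_GRAPH = dict(TREE_GRAPH, db=(None, {"app": 0.6, "web": 0.2}))


def p_compromised(spec, values):
    """P(node = 1 | parent values) under noisy-OR (no leak term)."""
    prior, parents = spec
    if not parents:
        return prior
    p_all_fail = 1.0
    for parent, p_exploit in parents.items():
        if values[parent]:
            p_all_fail *= 1.0 - p_exploit
    return 1.0 - p_all_fail


def exact_marginals(graph, evidence=None):
    """P(node = 1 | evidence) by summing the joint over all 2^n assignments.
    Exponential in n: fine for a toy, hopeless for thousands of nodes."""
    evidence = evidence or {}
    nodes = list(graph)
    weight = {n: 0.0 for n in nodes}
    z = 0.0
    for bits in itertools.product((0, 1), repeat=len(nodes)):
        values = dict(zip(nodes, bits))
        if any(values[n] != v for n, v in evidence.items()):
            continue                                # inconsistent with evidence
        joint = 1.0
        for n in nodes:
            p1 = p_compromised(graph[n], values)
            joint *= p1 if values[n] else 1.0 - p1
        z += joint
        for n in nodes:
            if values[n]:
                weight[n] += joint
    return {n: weight[n] / z for n in nodes}


def _normalise(msg):
    s = msg[0] + msg[1]
    return [msg[0] / s, msg[1] / s] if s > 0 else [0.5, 0.5]


def loopy_bp(graph, evidence=None, max_iter=100, tol=1e-9):
    """Sum-product LBP on the factor graph: one CPT factor per node, one unary
    factor per evidence node, synchronous (parallel) message schedule.
    Returns (marginals, iterations run)."""
    evidence = evidence or {}
    factors = []                                    # (scope, f(values) -> float)
    for n, spec in graph.items():
        def cpt(values, n=n, spec=spec):
            p1 = p_compromised(spec, values)
            return p1 if values[n] else 1.0 - p1
        factors.append(([n] + list(spec[1]), cpt))
    for n, obs in evidence.items():
        factors.append(([n], lambda values, n=n, obs=obs: float(values[n] == obs)))
    nbrs = {n: [i for i, (scope, _) in enumerate(factors) if n in scope] for n in graph}
    f2v = {(i, v): [1.0, 1.0] for i, (scope, _) in enumerate(factors) for v in scope}
    v2f = {(v, i): [1.0, 1.0] for (i, v) in f2v}
    iterations = 0
    for iterations in range(1, max_iter + 1):
        for (v, i) in v2f:                          # variable -> factor messages
            msg = [1.0, 1.0]
            for j in nbrs[v]:
                if j != i:
                    msg = [msg[x] * f2v[(j, v)][x] for x in (0, 1)]
            v2f[(v, i)] = _normalise(msg)
        delta = 0.0
        for (i, v) in f2v:                          # factor -> variable messages
            scope, fn = factors[i]
            others = [u for u in scope if u != v]
            msg = [0.0, 0.0]
            for xv in (0, 1):
                for bits in itertools.product((0, 1), repeat=len(others)):
                    values = dict(zip(others, bits))
                    values[v] = xv
                    term = fn(values)
                    for u in others:
                        term *= v2f[(u, i)][values[u]]
                    msg[xv] += term
            msg = _normalise(msg)
            delta = max(delta, abs(msg[1] - f2v[(i, v)][1]))
            f2v[(i, v)] = msg
        if delta < tol:
            break
    beliefs = {}
    for v in graph:
        b = [1.0, 1.0]
        for j in nbrs[v]:
            b = [b[x] * f2v[(j, v)][x] for x in (0, 1)]
        beliefs[v] = _normalise(b)[1]
    return beliefs, iterations


if __name__ == "__main__":
    for name, g in (("tree", TREE_GRAPH), ("loopy", LOOPY_GRAPH)):
        for ev in ({}, {"db": 1}):                  # static, then dynamic (alert: db owned)
            ex, (ap, its) = exact_marginals(g, ev), loopy_bp(g, ev)
            print(name, ev or "static", {n: (round(ex[n], 4), round(ap[n], 4)) for n in g}, its)
```

On TREE_GRAPH the factor graph is a tree, so LBP reproduces the exact marginals (static: web 0.7, app 0.35, db 0.21, file 0.105; with the alert db = 1: web and app become 1.0 and file rises to 0.3). On LOOPY_GRAPH the exact static P(db) is 0.308 while LBP returns 0.3206: the messages arriving at db from app and from web are combined as if the two were independent, although app = 1 already implies web = 1. That is the accuracy trade-off the first abstract quantifies on much larger synthetic graphs; the enumeration in exact_marginals is what makes the exact side stop scaling.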
SoK: Cryptographically Protected Database Search
Protected database search systems cryptographically isolate the roles of
reading from, writing to, and administering the database. This separation
limits unnecessary administrator access and protects data in the case of system
breaches. Since protected search was introduced in 2000, the area has grown
rapidly; systems are offered by academia, start-ups, and established companies.
However, there is no best protected search system or set of techniques.
Design of such systems is a balancing act between security, functionality,
performance, and usability. This challenge is made more difficult by ongoing
database specialization, as some users will want the functionality of SQL,
NoSQL, or NewSQL databases. This database evolution will continue, and the
protected search community should be able to quickly provide functionality
consistent with newly invented databases.
At the same time, the community must accurately and clearly characterize the
tradeoffs between different approaches. To address these challenges, we provide
the following contributions:
1) An identification of the important primitive operations across database
paradigms. We find there are a small number of base operations that can be used
and combined to support a large number of database paradigms.
2) An evaluation of the current state of protected search systems in
implementing these base operations. This evaluation describes the main
approaches and tradeoffs for each base operation. Furthermore, it puts
protected search in the context of unprotected search, identifying key gaps in
functionality.
3) An analysis of attacks against protected search for different base
queries.
4) A roadmap and tools for transforming a protected search system into a
protected database, including an open-source performance evaluation platform
and initial user opinions of protected search.
Comment: 20 pages, to appear in IEEE Security and Privacy