6,284 research outputs found
Toward optimal multi-objective models of network security: Survey
Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers
Towards optimal multi-objective models of network security: survey
Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers
Identifying Security-Critical Cyber-Physical Components in Industrial Control Systems
In recent years, Industrial Control Systems (ICS) have become an appealing
target for cyber attacks, having massive destructive consequences. Security
metrics are therefore essential to assess their security posture. In this
paper, we present a novel ICS security metric based on AND/OR graphs that
represent cyber-physical dependencies among network components. Our metric is
able to efficiently identify sets of critical cyber-physical components, with
minimal cost for an attacker, such that if compromised, the system would enter
into a non-operational state. We address this problem by efficiently
transforming the input AND/OR graph-based model into a weighted logical formula
that is then used to build and solve a Weighted Partial MAX-SAT problem. Our
tool, META4ICS, leverages state-of-the-art techniques from the field of logical
satisfiability optimisation in order to achieve efficient computation times.
Our experimental results indicate that the proposed security metric can
efficiently scale to networks with thousands of nodes and be computed in
seconds. In addition, we present a case study where we have used our system to
analyse the security posture of a realistic water transport network. We discuss
our findings on the plant as well as further security applications of our
metric.Comment: Keywords: Security metrics, industrial control systems,
cyber-physical systems, AND-OR graphs, MAX-SAT resolutio
Reinforcement learning for efficient network penetration testing
Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the defenses of a computer network by planning and executing all possible attacks to discover and exploit existing vulnerabilities. Current penetration testing methods are increasingly becoming non-standard, composite and resource-consuming despite the use of evolving tools. In this paper, we propose and evaluate an AI-based pentesting system which makes use of machine learning techniques, namely reinforcement learning (RL) to learn and reproduce average and complex pentesting activities. The proposed system is named Intelligent Automated Penetration Testing System (IAPTS) consisting of a module that integrates with industrial PT frameworks to enable them to capture information, learn from experience, and reproduce tests in future similar testing cases. IAPTS aims to save human resources while producing much-enhanced results in terms of time consumption, reliability and frequency of testing. IAPTS takes the approach of modeling PT environments and tasks as a partially observed Markov decision process (POMDP) problem which is solved by POMDP-solver. Although the scope of this paper is limited to network infrastructures PT planning and not the entire practice, the obtained results support the hypothesis that RL can enhance PT beyond the capabilities of any human PT expert in terms of time consumed, covered attacking vectors, accuracy and reliability of the outputs. In addition, this work tackles the complex problem of expertise capturing and re-use by allowing the IAPTS learning module to store and re-use PT policies in the same way that a human PT expert would learn but in a more efficient way
Herding Vulnerable Cats: A Statistical Approach to Disentangle Joint Responsibility for Web Security in Shared Hosting
Hosting providers play a key role in fighting web compromise, but their
ability to prevent abuse is constrained by the security practices of their own
customers. {\em Shared} hosting, offers a unique perspective since customers
operate under restricted privileges and providers retain more control over
configurations. We present the first empirical analysis of the distribution of
web security features and software patching practices in shared hosting
providers, the influence of providers on these security practices, and their
impact on web compromise rates. We construct provider-level features on the
global market for shared hosting -- containing 1,259 providers -- by gathering
indicators from 442,684 domains. Exploratory factor analysis of 15 indicators
identifies four main latent factors that capture security efforts: content
security, webmaster security, web infrastructure security and web application
security. We confirm, via a fixed-effect regression model, that providers exert
significant influence over the latter two factors, which are both related to
the software stack in their hosting environment. Finally, by means of GLM
regression analysis of these factors on phishing and malware abuse, we show
that the four security and software patching factors explain between 10\% and
19\% of the variance in abuse at providers, after controlling for size. For
web-application security for instance, we found that when a provider moves from
the bottom 10\% to the best-performing 10\%, it would experience 4 times fewer
phishing incidents. We show that providers have influence over patch
levels--even higher in the stack, where CMSes can run as client-side
software--and that this influence is tied to a substantial reduction in abuse
levels
SecCo: Automated Services to Secure Containers in the DevOps Paradigm
Containers are core building blocks for creating applications based on the microservice paradigm. However, assessing their security is complex, especially when deployed in distributed and heterogeneous scenarios. Moreover, developers and IT operators should only focus on integration and delivery processes without dealing with tasks to guarantee securing requirements. To overcome such issues, in this paper, we introduce the ideas at the basis of Project SecCo (Securing Containers), i.e., an architecture for extending and improving current security assessment methodologies into the continuous integration and continuous delivery DevOps pipeline. To this end, SecCo proposes a framework able to orchestrate new automatic security services to prevent and reduce security vulnerabilities in the design, implementation, and deployment phases, and to identify and mitigate, at runtime, attempts to exploit them. The paper also showcases the main research challenges to be addressed for pursuing the vision of SecCo
ANCHOR: logically-centralized security for Software-Defined Networks
While the centralization of SDN brought advantages such as a faster pace of
innovation, it also disrupted some of the natural defenses of traditional
architectures against different threats. The literature on SDN has mostly been
concerned with the functional side, despite some specific works concerning
non-functional properties like 'security' or 'dependability'. Though addressing
the latter in an ad-hoc, piecemeal way, may work, it will most likely lead to
efficiency and effectiveness problems. We claim that the enforcement of
non-functional properties as a pillar of SDN robustness calls for a systemic
approach. As a general concept, we propose ANCHOR, a subsystem architecture
that promotes the logical centralization of non-functional properties. To show
the effectiveness of the concept, we focus on 'security' in this paper: we
identify the current security gaps in SDNs and we populate the architecture
middleware with the appropriate security mechanisms, in a global and consistent
manner. Essential security mechanisms provided by anchor include reliable
entropy and resilient pseudo-random generators, and protocols for secure
registration and association of SDN devices. We claim and justify in the paper
that centralizing such mechanisms is key for their effectiveness, by allowing
us to: define and enforce global policies for those properties; reduce the
complexity of controllers and forwarding devices; ensure higher levels of
robustness for critical services; foster interoperability of the non-functional
property enforcement mechanisms; and promote the security and resilience of the
architecture itself. We discuss design and implementation aspects, and we prove
and evaluate our algorithms and mechanisms, including the formalisation of the
main protocols and the verification of their core security properties using the
Tamarin prover.Comment: 42 pages, 4 figures, 3 tables, 5 algorithms, 139 reference
- âŠ