All
All

Using Attack Graphs in Forensic Examinations

576KB | 3 files |  DOC, PDF

Attack graphs are used to compute potential attack paths from a system configuration and known vulnerabilities of a system.

Abstract-attack graphs are used to compute potential attack paths from a system configuration and known vulnerabilities of a system. Attack graphs can be used to determine known vulnerability sequences that were exploited to launch the attacks and help forensic examiners in identifying many potential attack paths. After an attack happens, forensic analysis, including linking evidence with attacks, helps further understand and refine the attack scenario that was launched. Given that there are anti-forensic tools that can obfuscate, minimize or eliminate attack footprints, forensic analysis becomes harder. As a solution, the authors propose to apply attack graph to forensic analysis. They do so by including anti-forensic capabilities into attack graphs, so that the missing evidence can be explained by using longer attack paths that erase potential evidence. The authors show this capability in an explicit case study involving a Database attack.

The attached zip file includes:

  • Intro Page.pdf
  • Terms and Conditions.pdf
  • UsingAttackGraphs.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

Related IT Downloads

CLoud1a Managing Risk and Security in Outsourcing IT Services

The excerpt from chapter three addresses issues that should be considered before you decide to outsource, including security and privacy impacts and secure communication via telephone, email, mobile and smartphones, instant messaging and traditional mail. ...  More >>

Security5TN A Methodology for Developing Authentication Assurance Level Taxonomy for Smart Card-based Identity Verification

This publication presents a methodology for assigning authentication strengths based on the strength of pair wise bindings between the five entities involved in smart card based authentications. ...  More >>

Security4TN Framework for Improving Critical Infrastructure Cybersecurity

The Framework enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data