All
All

Using Attack Graphs in Forensic Examinations

576KB | 3 files |  DOC, PDF

Attack graphs are used to compute potential attack paths from a system configuration and known vulnerabilities of a system.

Abstract-attack graphs are used to compute potential attack paths from a system configuration and known vulnerabilities of a system. Attack graphs can be used to determine known vulnerability sequences that were exploited to launch the attacks and help forensic examiners in identifying many potential attack paths. After an attack happens, forensic analysis, including linking evidence with attacks, helps further understand and refine the attack scenario that was launched. Given that there are anti-forensic tools that can obfuscate, minimize or eliminate attack footprints, forensic analysis becomes harder. As a solution, the authors propose to apply attack graph to forensic analysis. They do so by including anti-forensic capabilities into attack graphs, so that the missing evidence can be explained by using longer attack paths that erase potential evidence. The authors show this capability in an explicit case study involving a Database attack.

The attached zip file includes:

  • Intro Page.pdf
  • Terms and Conditions.pdf
  • UsingAttackGraphs.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.
Related IT Downloads

Security44 Assessing Security and Privacy Controls in Federal Information Systems and Organizations

This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems and organizations. ...  More >>

Misc43 Guidelines for Smart Grid Cybersecurity

This three-volume report presents an analytical framework that organizations can use to develop effective cybersecurity strategies tailored to their particular combinations of smart grid-related characteristics, risks, and vulnerabilities. ...  More >>

Money3 PCI Compliance: The Definitive Guide

In this excerpt from chapter 20, the author briefly discusses the challenges and success factors that the organization must be aware of to maintain compliance and achieve optimum information security for the enterprise. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data


Thanks for your registration, follow us on our social networks to keep up-to-date