VTAC: Virtual terrain assisted impact assessment for cyber attacks

Show full item record

Title: VTAC: Virtual terrain assisted impact assessment for cyber attacks
Author: Argauer, Brian; Yang, Shanchieh
Abstract: Overwhelming intrusion alerts have made timely response to network security breaches a difficult task. Correlating alerts to produce a higher level view of intrusion state of a network, thus, becomes an essential element in network defense. This work proposes to analyze correlated or grouped alerts and determine their ‘impact’ to services and users of the network. A network is modeled as ‘virtual terrain’ where cyber attacks maneuver. Overlaying correlated attack tracks on virtual terrain exhibits the vulnerabilities exploited by each track and the relationships between them and different network entities. The proposed impact assessment algorithm utilizes the graph-based virtual terrain model and combines assessments of damages caused by the attacks. The combined impact scores allow to identify severely damaged network services and affected users. Several scenarios are examined to demonstrate the uses of the proposed Virtual Terrain Assisted Impact Assessment for Cyber Attacks (VTAC).
Record URI: http://hdl.handle.net/1850/10732
Date: 2008-03-18

Files in this item

Files Size Format View
SYangConfProc03-18-2008.pdf 1.165Mb PDF View/Open

The following license files are associated with this item:

This item appears in the following Collection(s)

Show full item record

Search RIT DML


Advanced Search

Browse