The Customer:
Military, government, commercial, and civilian operations all depend upon the security and availability of computer systems and networks. Sandia National Laboratories
has been working with various government agencies to assess the vulnerability of computer networks by applying its considerable expertise in risk analysis and reliability.
The Work:
The objective of the CSR work involves developing a graph-based approach to network vulnerability analysis. We are in the process of
developing a flexible method which allows analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following
a successful attack. The graph-based tool will be able to identify the set of attack paths that have a high probability of success (or a low "effort" cost) for the attacker. The system could be used to test
the effectiveness of making configuration changes, implementing an intrusion detection system, etc.
Key Benefits:
- Use ideas from risk assessment and reliability analysis in assessing system vulnerabilities
- Incorporate information about the network topology and configuration into the computer security problem (look at the vulnerabilities from a network perspective, not just the vulnerabilities on individual
machines)
- Model dynamic aspects of network and user access/privilege levels
- Identify the most likely paths of attack
Results:
- The initial methodology has been developed: we are in the process of creating a computer tool which can be used by system administrators to assess the vulnerability of their networks.
Related Web Sites:
|
