OSTI.GOV U.S. Department of Energy
Office of Scientific and Technical Information

Title: Identifying Vulnerabilities and Hardening Attack Graphs for Networked Systems

Abstract

We investigate efficient security control methods for protecting against vulnerabilities in networked systems. A large number of interdependent vulnerabilities typically exist in the computing nodes of a cyber-system; as vulnerabilities get exploited, starting from low-level ones, they open up the doors to more critical vulnerabilities. These cannot be understood just by a topological analysis of the network, and we use the attack graph abstraction of Dewri et al. to study these problems. In contrast to earlier approaches based on heuristics and evolutionary algorithms, we study rigorous methods for quantifying the inherent vulnerability and hardening cost for the system. We develop algorithms with provable approximation guarantees, and evaluate them for real and synthetic attack graphs.
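To make the abstraction concrete, the following is an added illustration, not code from the paper (whose algorithms are not reproduced on this page). It models an attack graph in the AND/OR exploit-dependency style: an exploit fires only when all of its preconditions hold, and a condition is gained if any exploit that yields it fires. Reachability is a least fixed point over that rule. Hardening means disabling a subset of the attacker's initial conditions, each with a cost, so that the goal condition becomes unreachable. The network, exploit names and costs are constructed for this example; the exact search and the greedy heuristic are generic, and the example is set up so that the unguaranteed greedy choice is more expensive than the optimum, which is the gap a provable approximation bound is meant to close.

```python
"""Toy attack-graph reachability and hardening-cost search (added example).

Nothing here is the paper's own algorithm or data; the graph, costs and
heuristic are assumptions chosen to illustrate the abstraction.
"""
from itertools import combinations

# Constructed example: conditions the attacker starts with (all hypothetical).
INITIAL = frozenset({"user_on_lan", "web_server_vulnerable",
                     "ssh_weak_password", "db_exposed"})

# Exploits: (name, preconditions that must ALL hold, condition gained).
# Two different exploits grant "shell_on_web" (an OR node in the graph).
EXPLOITS = [
    ("exploit_web",     frozenset({"user_on_lan", "web_server_vulnerable"}), "shell_on_web"),
    ("brute_force_ssh", frozenset({"user_on_lan", "ssh_weak_password"}),     "shell_on_web"),
    ("pivot_to_db",     frozenset({"shell_on_web", "db_exposed"}),           "db_access"),
    ("dump_db",         frozenset({"db_access"}),                            "data_exfiltrated"),
]
GOAL = "data_exfiltrated"

# Assumed cost of removing each initial condition (e.g. patching, segmenting,
# rotating a password, taking a host off the LAN).
COST = {"user_on_lan": 50, "web_server_vulnerable": 5,
        "ssh_weak_password": 4, "db_exposed": 6}


def reachable(enabled, exploits=EXPLOITS):
    """Least fixed point: keep firing exploits whose preconditions all hold."""
    have = set(enabled)
    changed = True
    while changed:
        changed = False
        for _name, pre, post in exploits:
            if post not in have and pre <= have:
                have.add(post)
                changed = True
    return have


def goal_reachable(enabled, exploits=EXPLOITS, goal=GOAL):
    return goal in reachable(enabled, exploits)


def min_cost_hardening(initial=INITIAL, exploits=EXPLOITS, goal=GOAL, cost=COST):
    """Exact minimum-cost cut by exhaustive search over subsets of initial
    conditions.  Exponential in the number of initial conditions, so only
    usable on toy graphs; returns (cost, frozenset of removed conditions)."""
    if goal in initial:
        raise ValueError("goal is an initial condition; nothing to harden")
    best = None
    for k in range(len(initial) + 1):
        for subset in combinations(sorted(initial), k):
            removed = frozenset(subset)
            if goal_reachable(initial - removed, exploits, goal):
                continue
            c = sum(cost[x] for x in removed)
            if best is None or c < best[0]:
                best = (c, removed)
    return best


def greedy_hardening(initial=INITIAL, exploits=EXPLOITS, goal=GOAL, cost=COST):
    """Heuristic with no approximation guarantee: while the goal is reachable,
    disable the cheapest still-enabled initial condition that some currently
    firing exploit depends on.  Returns (cost, frozenset of removed)."""
    if goal in initial:
        raise ValueError("goal is an initial condition; nothing to harden")
    enabled = set(initial)
    removed = set()
    while goal_reachable(enabled, exploits, goal):
        have = reachable(enabled, exploits)
        candidates = {x for _n, pre, _p in exploits if pre <= have
                      for x in pre if x in enabled}
        victim = min(candidates, key=lambda x: cost[x])
        enabled.remove(victim)
        removed.add(victim)
    return sum(cost[x] for x in removed), frozenset(removed)


if __name__ == "__main__":
    print("goal reachable from initial conditions:", goal_reachable(INITIAL))
    print("exact minimum-cost hardening:", min_cost_hardening())
    print("greedy hardening:", greedy_hardening())
```

On this constructed graph the greedy heuristic first removes the cheapest condition (the weak SSH password, cost 4), only to find that the web exploit still yields the same shell, and then pays another 5 for the web server fix, for a total of 9; the exact search finds that closing the database exposure alone (cost 6) cuts every path to the goal. That is the behaviour the abstract points at: local heuristics can miss the cheap cut, which is why bounds on the approximation ratio matter.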

Authors:
Saha, Sudip; Vullinati, Anil K.; Halappanavar, Mahantesh; Chatterjee, Samrat
Publication Date:
2016
Research Org.:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1334885
Report Number(s):
PNNL-SA-116666
DOE Contract Number:
AC05-76RL01830
Resource Type:
Conference
Resource Relation:
Conference: IEEE Symposium on Technologies for Homeland Security (HST 2016), May 10-11, 2016, Waltham, MA
Country of Publication:
United States
Language:
English
Subject:
game theory; attack graphs

Citation Formats

Saha, Sudip, Vullinati, Anil K., Halappanavar, Mahantesh, and Chatterjee, Samrat. Identifying Vulnerabilities and Hardening Attack Graphs for Networked Systems. United States: N. p., 2016. Web. doi:10.1109/THS.2016.7568884.
Saha, Sudip, Vullinati, Anil K., Halappanavar, Mahantesh, & Chatterjee, Samrat. Identifying Vulnerabilities and Hardening Attack Graphs for Networked Systems. United States. doi:10.1109/THS.2016.7568884.
Saha, Sudip, Vullinati, Anil K., Halappanavar, Mahantesh, and Chatterjee, Samrat. 2016. "Identifying Vulnerabilities and Hardening Attack Graphs for Networked Systems". United States. doi:10.1109/THS.2016.7568884.
@article{osti_1334885,
title = {Identifying Vulnerabilities and Hardening Attack Graphs for Networked Systems},
author = {Saha, Sudip and Vullinati, Anil K. and Halappanavar, Mahantesh and Chatterjee, Samrat},
abstractNote = {We investigate efficient security control methods for protecting against vulnerabilities in networked systems. A large number of interdependent vulnerabilities typically exist in the computing nodes of a cyber-system; as vulnerabilities get exploited, starting from low level ones, they open up the doors to more critical vulnerabilities. These cannot be understood just by a topological analysis of the network, and we use the attack graph abstraction of Dewri et al. to study these problems. In contrast to earlier approaches based on heuristics and evolutionary algorithms, we study rigorous methods for quantifying the inherent vulnerability and hardening cost for the system. We develop algorithms with provable approximation guarantees, and evaluate them for real and synthetic attack graphs.},
doi = {10.1109/THS.2016.7568884},
place = {United States},
year = 2016,
month = 9
}


  • We define a 0Day vulnerability to be any vulnerability, in deployed software, which has been discovered by at least one person but has not yet been publicly announced or patched. These 0Day vulnerabilities are of particular interest when assessing the risk to well managed control systems which have already effectively mitigated the publicly known vulnerabilities. In these well managed systems the risk contribution from 0Days will have proportionally increased. To aid understanding of how great a risk 0Days may pose to control systems, an estimate of how many are in existence is needed. Consequently, using the 0Day definition given above, we developed and applied a method for estimating how many 0Day vulnerabilities are in existence on any given day. The estimate is made by: empirically characterizing the distribution of the lifespans, measured in days, of 0Day vulnerabilities; determining the number of vulnerabilities publicly announced each day; and applying a novel method for estimating the number of 0Day vulnerabilities in existence on any given day using the number of vulnerabilities publicly announced each day and the previously derived distribution of 0Day lifespans. The method was first applied to a general set of software applications by analyzing the 0Day lifespans of 491 software vulnerabilities and using the daily rate of vulnerability announcements in the National Vulnerability Database. This led to a conservative estimate that in the worst year there were, on average, 2500 0Day software related vulnerabilities in existence on any given day. Using a smaller but intriguing set of 15 0Day software vulnerability lifespans representing the actual time from discovery to public disclosure, we then made a more aggressive estimate. In this case, we estimated that in the worst year there were, on average, 4500 0Day software vulnerabilities in existence on any given day. We then proceeded to identify the subset of software applications likely to be used in some control systems, analyzed the associated subset of vulnerabilities, and characterized their lifespans. Using the previously developed method of analysis, we very conservatively estimated 250 control system related 0Day vulnerabilities in existence on any given day. While reasonable, this first order estimate for control systems is probably far more conservative than those made for general software systems since the estimate did not include vulnerabilities unique to control system specific components. These control system specific vulnerabilities were unable to be included in the estimate for a variety of reasons with the most problematic being that the public announcement of unique control system vulnerabilities is very sparse. Consequently, with the intent to improve the above 0Day estimate for control systems, we first identified the additional, unique to control systems, vulnerability estimation constraints and then investigated new mechanisms which may be useful for estimating the number of unique 0Day software vulnerabilities found in control system components. We proceeded to identify a number of new mechanisms and approaches for estimating and incorporating control system specific vulnerabilities into an improved 0Day estimation method. These new mechanisms and approaches appear promising and will be more rigorously evaluated during the course of the next year.
  • The US fossil synfuels program may not have significant impact on domestic fuel supplies until near the year 2000, resulting in a continuing mobility fuels vulnerability for the US military until then. But there are other mobility fuel options for both propulsion systems and stationary base-energy sources, for which the base technology is commercially available or at least demonstrated. For example, for surface propulsion systems, hydrogen-fuel-cell/battery-electric hybrids may be considered; for weapons systems these may offer some new flexibilities, standardization possibilities, and multiple military-controlled fuel-supply options. Hydrogen-fueled aircraft may provide interesting longer-term possibilities in terms of military energy self-sufficiency and multiple supply options, as well as performance specifications. These scenarios will be discussed, along with possibilities for demonstrations in the MX-system ground vehicles.