On the Density and Subsequent Utility of Attack Graphs in Realistic Environments

Yang, Yang
Major Professor
Thomas Daniels
Organizational Unit
Electrical and Computer Engineering

The Department of Electrical and Computer Engineering (ECpE) contains two focuses. The focus on Electrical Engineering teaches students in the fields of control systems, electromagnetics and non-destructive evaluation, microelectronics, electric power & energy systems, and the like. The Computer Engineering focus teaches in the fields of software systems, embedded systems, networking, information security, computer architecture, etc.

The Department of Electrical Engineering was formed in 1909 from the division of the Department of Physics and Electrical Engineering. In 1985 its name changed to Department of Electrical Engineering and Computer Engineering. In 1995 it became the Department of Electrical and Computer Engineering.

Historical Names

  • Department of Electrical Engineering (1909-1985)
  • Department of Electrical Engineering and Computer Engineering (1985-1995)


Advanced Persistent Threats (APTs) are a serious concern when securing an organization. The sophistication of APT attacks is much discussed, and the recent compromise of Google, RSA and Sony using APTs has gained a lot of attention. Successful protection against APTs should complement traditional perimeter and infrastructure security measures and policies. In this paper, we show that once APTs are added to the threat landscape, conventional attack graphs for realistic environments are quite dense, meaning that their utility is quite limited. This density is a consequence of common, inherent vulnerabilities in conventional computing systems and network environments. Our approach is to formally define a set of vulnerabilities that we call privilege expansion vulnerabilities. A superset of privilege escalation vulnerabilities, privilege expansion refers to cases where an attacker can either earn greater privilege on the current host or use his current privilege to earn privileges on other hosts. Based on our formal definitions, we define a set of rules for adding edges to attack graphs and develop a tool that computes a closure of these rules in the graph. For two example environments, we compute new attack graphs incorporating these new edges and demonstrate the use of the tool by evaluating the effect of addressing 4 different privilege expansion vulnerabilities.
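The closure idea in the abstract can be sketched as follows; this is an added example, not the thesis's tool or its rule set. The hosts, the stored-credential facts and the two rules (same-host escalation, cross-host credential use) are constructed assumptions, chosen to show how a few expansion edges make the closed graph dense and how addressing one of them changes it.

```python
# Added example: constructed environment; hosts, facts and rules are assumptions.
HOSTS = ["web", "db", "ws1", "dc"]
NODES = [(h, p) for h in HOSTS for p in ("user", "admin")]

# Conventional edges: one remote exploit, plus admin subsuming user on each host.
BASE_EDGES = {(("web", "user"), ("ws1", "user"))} | {
    ((h, "admin"), (h, "user")) for h in HOSTS
}
# Inputs to the two assumed privilege-expansion rules.
LOCAL_ESCALATION = {"web", "db", "ws1"}      # user -> admin on the same host
STORED_CREDS = {                             # admin on key host -> privilege elsewhere
    "web": [("db", "user")],
    "db": [("web", "admin")],
    "ws1": [("dc", "admin")],
}


def expansion_edges(local_escalation, stored_creds):
    """Edges added by the two rules: same-host and cross-host expansion."""
    edges = {((h, "user"), (h, "admin")) for h in local_escalation}
    for src, targets in stored_creds.items():
        edges |= {((src, "admin"), target) for target in targets}
    return edges


def closure(edges):
    """Apply transitivity (u->v, v->w gives u->w) until nothing new appears."""
    closed = set(edges)
    while True:
        new = {(u, w) for (u, v) in closed for (x, w) in closed if v == x and u != w}
        if new <= closed:
            return closed
        closed |= new


def density(edges):
    """Fraction of all possible directed edges between distinct nodes."""
    n = len(NODES)
    return len(edges) / (n * (n - 1))


conventional = closure(BASE_EDGES)
expanded = closure(BASE_EDGES | expansion_edges(LOCAL_ESCALATION, STORED_CREDS))
# "Addressing" one vulnerability: remove local escalation on ws1 and recompute.
mitigated = closure(BASE_EDGES | expansion_edges(LOCAL_ESCALATION - {"ws1"}, STORED_CREDS))

if __name__ == "__main__":
    for name, g in [("conventional", conventional), ("expanded", expanded), ("mitigated", mitigated)]:
        reach = (("web", "user"), ("dc", "admin")) in g
        print(f"{name:12s} edges={len(g):2d} density={density(g):.3f} web:user->dc:admin={reach}")
```

In this constructed environment, addressing the single escalation on `ws1` removes the path from `web:user` to `dc:admin`, which is the kind of before/after comparison the abstract describes for its own example environments.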

Tue Jan 01 00:00:00 UTC 2013