Environment Aware Report: A Minimalist Approach To a Complex Problem, Version 1.1

Abstract

Report developed under SBIR contract for Topic No. N03-T010. In an ideal world, system and network administrators would keep all of their systems fully patched all the time. Unfortunately, for a variety of reasons, few sites have the luxury of such an approach. Given that administrators cannot apply all possible countermeasures (e.g., patches), our next best strategy is to identify an ordering of countermeasures that will provide the optimal level of security for a given number of changes to the network. One of the primary approaches for identifying this optimized ordering is attack graph analysis, and this approach has received considerable attention recently. Unfortunately, there are a number of critical problems with this strategy. This paper presents an approach that takes advantage of simple filtering capabilities in commodity routers and that partially addresses the limitation of the attack graph strategy. Furthermore, in at least one problem, dealing with unknown vulnerabilities, the simple strategy presented in this paper can produce better results than the attack graph approach.

Document Details

Document Type: Technical Report
Publication Date: Aug 29, 2004
Accession Number: ADA426335

Entities

People

  • Todd Heberlein

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Commodities
  • Computer Access Control
  • Computer Programming
  • Computer Science
  • Computers
  • Contracts
  • Cybersecurity
  • Electronic Mail
  • Environment
  • Filtration
  • Infrastructure
  • Kernels (Operating System)
  • Mobile Operating Systems
  • Network Architecture
  • Operating Systems
  • Security
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Robotics and Automation
  • Systems Analysis and Design