
2017 | OriginalPaper | Chapter

Evaluating the Network Diversity of Networks Against Zero-Day Attacks

Authors: Mengyuan Zhang, Lingyu Wang, Sushil Jajodia, Anoop Singhal

Published in: Network Security Metrics

Publisher: Springer International Publishing


Abstract

Diversity has long been regarded as a security mechanism and it has found new applications in security, e.g., in cloud, Moving Target Defense (MTD), and network routing. However, most existing efforts rely on intuitive and imprecise notions of diversity, and the few existing models of diversity are mostly designed for a single system running diverse software replicas or variants. At a higher abstraction level, as a global property of the entire network, diversity and its effect on security have received limited attention. In this chapter, we present a formal model of network diversity as a security metric. Specifically, we first devise a biodiversity-inspired metric based on the effective number of distinct resources. We then propose two complementary diversity metrics, based on the least and the average attacking efforts, respectively. Finally, we evaluate the proposed metrics through simulation.


Metadata
Title
Evaluating the Network Diversity of Networks Against Zero-Day Attacks
Authors
Mengyuan Zhang
Lingyu Wang
Sushil Jajodia
Anoop Singhal
Copyright Year
2017
DOI
https://doi.org/10.1007/978-3-319-66505-4_6