Show simple item record

dc.contributorICIW 2007 2nd International Conference on Warfare and Security Naval Postgraduate School, Monterey, California, USA 8-9 March 2007 pp.33-46
dc.contributor.authorCullum, James
dc.contributor.authorIrvine, Cynthia E.
dc.contributor.authorLevin, Tim
dc.date.accessioned2012-07-11T15:49:35Z
dc.date.available2012-07-11T15:49:35Z
dc.date.issued2007-03-00
dc.identifier.citation2nd International Conference on i- Warfare and Security Naval Postgraduate School, Monterey, California, USA 8-9 March 2007 pp.33-46
dc.identifier.urihttp://hdl.handle.net/10945/7150
dc.descriptionICIW 2007 2nd International Conference on Warfare and Security Naval Postgraduate School, Monterey, California, USA 8-9 March 2007 pp.33-46en_US
dc.description.abstractThe current generation of network vulnerability detection software uses databases of known vulnerabilities and scans target networks for these weaknesses. The results can be voluminous and difficult to assess. Thus, the success of this technology has created a need for software to aid in network vulnerability analysis. Although research has shown the effectiveness of automated attack graph generation tools in displaying potential attack paths in a network, research involving the performance of these tools has been limited. The performance impact of connectivity restrictions and the number of vulnerabilities present on a network for these tools is not well understood. Using empirical testing, we have collected quantitative data using CAULDRON, an attack graph generation tool developed at George Mason University, on a collection of simulated networks defined to modulate connectivity at certain points in our networks and represent the number of vulnerabilities present per node. By defining our model to include sets of nodes, which allow connectivity from all nodes to all vulnerable nodes in the set; the number of nodes present in each set, the number of connections between sets; and the number of vulnerabilities per node as our variables, we are able to observe the performance impact on CAULDRON of both connectivity restrictions and the increased presence of vulnerabilities in our networks. The effect of these variables on processing time and memory usage is presented and can be used as a metric to assess the scalability of this tool within various customer environments.en_US
dc.publisherInternational Conference on Warfare and Security (ICIW) Naval Postgraduate School , Monterey, California, USA 8-9 March 2007 pp.33-46en_US
dc.rightsThis publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. As such, it is in the public domain, and under the provisions of Title 17, United States Code, Section 105, may not be copyrighted.en_US
dc.rightsApproved for public release.en_US
dc.titlePerformance Impact of Connectivity Restrictions and Increased Vulnerability Presence on Automated Attack Graph Generationen_US
dc.typeArticleen_US
dc.subject.authorAttack graphen_US
dc.subject.authornetworken_US
dc.subject.authorexploitsen_US
dc.subject.authorvulnerability analysisen_US
dc.subject.authorperformanceen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record