Attack graph obfuscation

Hadar Polad; Rami Puzis; Bracha Shapira

doi:10.1007/978-3-319-60080-2_20

Attack graph obfuscation

Hadar Polad, Rami Puzis, Bracha Shapira

Department of Software and Information Systems Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

6 Scopus citations

Abstract

Before executing an attack, adversaries usually explore the victim’s network in an attempt to infer the network topology and identify vulnerabilities in the victim’s servers and personal computers. In this research, we examine the effects of adding fake vulnerabilities to a real enterprise network to verify the hypothesis that the addition of such vulnerabilities will serve to divert the attacker and cause the adversary to perform additional activities while attempting to achieve its objectives. We use the attack graph to model the problem of an attacker making its way towards the target in a given network. Our results show that adding fake vulnerabilities forces the adversary to invest a significant amount of effort, in terms of time, exploitability cost, and the number of attack footprints within the network during the attack.

Original language	English
Title of host publication	Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings
Editors	Shlomi Dolev, Sachin Lodha
Publisher	Springer Verlag
Pages	269-287
Number of pages	19
ISBN (Print)	9783319600796
DOIs	https://doi.org/10.1007/978-3-319-60080-2_20
State	Published - 3 May 2018
Event	1st International Conference on Cyber Security Cryptography and Machine Learning, CSCML 2017 - Beer-Sheva, Israel Duration: 29 Jun 2017 → 30 Jun 2017

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	10332 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	1st International Conference on Cyber Security Cryptography and Machine Learning, CSCML 2017
Country/Territory	Israel
City	Beer-Sheva
Period	29/06/17 → 30/06/17

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-319-60080-2_20

Cite this

Polad, H., Puzis, R., & Shapira, B. (2018). Attack graph obfuscation. In S. Dolev, & S. Lodha (Eds.), Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings (pp. 269-287). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10332 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-60080-2_20

Polad, Hadar ; Puzis, Rami ; Shapira, Bracha. / Attack graph obfuscation. Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings. editor / Shlomi Dolev ; Sachin Lodha. Springer Verlag, 2018. pp. 269-287 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{0fc30c00e1f342c8bb030835bb0382ed,

title = "Attack graph obfuscation",

abstract = "Before executing an attack, adversaries usually explore the victim{\textquoteright}s network in an attempt to infer the network topology and identify vulnerabilities in the victim{\textquoteright}s servers and personal computers. In this research, we examine the effects of adding fake vulnerabilities to a real enterprise network to verify the hypothesis that the addition of such vulnerabilities will serve to divert the attacker and cause the adversary to perform additional activities while attempting to achieve its objectives. We use the attack graph to model the problem of an attacker making its way towards the target in a given network. Our results show that adding fake vulnerabilities forces the adversary to invest a significant amount of effort, in terms of time, exploitability cost, and the number of attack footprints within the network during the attack.",

author = "Hadar Polad and Rami Puzis and Bracha Shapira",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG 2017.; 1st International Conference on Cyber Security Cryptography and Machine Learning, CSCML 2017 ; Conference date: 29-06-2017 Through 30-06-2017",

year = "2018",

month = may,

day = "3",

doi = "10.1007/978-3-319-60080-2_20",

language = "English",

isbn = "9783319600796",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "269--287",

editor = "Shlomi Dolev and Sachin Lodha",

booktitle = "Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings",

address = "Germany",

}

Polad, H, Puzis, R & Shapira, B 2018, Attack graph obfuscation. in S Dolev & S Lodha (eds), Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10332 LNCS, Springer Verlag, pp. 269-287, 1st International Conference on Cyber Security Cryptography and Machine Learning, CSCML 2017, Beer-Sheva, Israel, 29/06/17. https://doi.org/10.1007/978-3-319-60080-2_20

Attack graph obfuscation. / Polad, Hadar; Puzis, Rami ; Shapira, Bracha.
Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings. ed. / Shlomi Dolev; Sachin Lodha. Springer Verlag, 2018. p. 269-287 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10332 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Attack graph obfuscation

AU - Polad, Hadar

AU - Puzis, Rami

AU - Shapira, Bracha

PY - 2018/5/3

Y1 - 2018/5/3

N2 - Before executing an attack, adversaries usually explore the victim’s network in an attempt to infer the network topology and identify vulnerabilities in the victim’s servers and personal computers. In this research, we examine the effects of adding fake vulnerabilities to a real enterprise network to verify the hypothesis that the addition of such vulnerabilities will serve to divert the attacker and cause the adversary to perform additional activities while attempting to achieve its objectives. We use the attack graph to model the problem of an attacker making its way towards the target in a given network. Our results show that adding fake vulnerabilities forces the adversary to invest a significant amount of effort, in terms of time, exploitability cost, and the number of attack footprints within the network during the attack.

AB - Before executing an attack, adversaries usually explore the victim’s network in an attempt to infer the network topology and identify vulnerabilities in the victim’s servers and personal computers. In this research, we examine the effects of adding fake vulnerabilities to a real enterprise network to verify the hypothesis that the addition of such vulnerabilities will serve to divert the attacker and cause the adversary to perform additional activities while attempting to achieve its objectives. We use the attack graph to model the problem of an attacker making its way towards the target in a given network. Our results show that adding fake vulnerabilities forces the adversary to invest a significant amount of effort, in terms of time, exploitability cost, and the number of attack footprints within the network during the attack.

UR - http://www.scopus.com/inward/record.url?scp=85021700054&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-60080-2_20

DO - 10.1007/978-3-319-60080-2_20

M3 - Conference contribution

AN - SCOPUS:85021700054

SN - 9783319600796

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 269

EP - 287

BT - Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings

A2 - Dolev, Shlomi

A2 - Lodha, Sachin

PB - Springer Verlag

T2 - 1st International Conference on Cyber Security Cryptography and Machine Learning, CSCML 2017

Y2 - 29 June 2017 through 30 June 2017

ER -

Polad H, Puzis R , Shapira B. Attack graph obfuscation. In Dolev S, Lodha S, editors, Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings. Springer Verlag. 2018. p. 269-287. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-60080-2_20

Attack graph obfuscation

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this