A Framework for Automated Identification of Attack Scenarios on IT Infrastructures

Abstract

Due to increased complexity, scale, and functionality of information and telecommunication (IT) infrastructures, every day new exploits and vulnerabilities are discovered. These vulnerabilities are most of the time used by malicious people to penetrate these IT infrastructures for mainly disrupting business or stealing intellectual properties. Current incidents prove that it is not sufficient anymore to perform manual security tests of the IT infrastructure based on sporadic security audits. Instead networks should be continuously tested against possible attacks. In this paper we present current results and challenges towards realizing automated and scalable solutions to identify possible attack scenarios in an IT infrastructure. Namely, we define an extensible framework which uses public vulnerability databases to identify probable multi-step attacks in an IT infrastructure, and provide recommendations in the form of patching strategies, topology changes, and configuration updates.

@article{Camtepe:2012fl,
author = {{\c C}amtepe, Seyit Ahmet and Bsufka, Karsten and Hennig, Leonhard and Simsek, Cihan and Albayrak, Sahin},
title = {{A Framework for Automated Identification of Attack Scenarios on IT Infrastructures}},
journal = {PIK - Praxis der Informationsverarbeitung und Kommunikation},
year = {2012},
volume = {35},
number = {1},
pages = {25--31}
}
Authors:
Seyit Ahmet Camtepe, Karsten Bsufka, Leonhard Hennig, Cihan Simsek, Sahin Albayrak
Category:
Journal
Year:
2012
Venue:
PIK - Praxis Der Informationsverarbeitung und Kommunikation 35 (1): 25-31. doi:10.1515/pik-2012-0005piko.2012.35.1.25.