A framework for automated identification of attack scenarios on it infrastructures
Due to increased complexity, scale, and functionality of information and telecommunication (IT) infrastructures, everyday new exploits and vulnerabilities are discovered. These vulnerabilities are most of the time used by malicious people to penetrate these IT infrastructures for mainly disruptingbusiness or stealing intellectual properties. Current incidents prove that it is not sufficient anymore to perform manual securitytests of the IT infrastructure based on sporadic securityaudits. Instead networks should be continuously testedagainst possible attacks. In this paper we present current resultsand challenges towards realizing automated and scalablesolutions to identify possible attack scenarios in an IT infrastructure. Namely, we define an extensible framework whichuses public vulnerability databases to identify probable multistepattacks in an IT infrastructure, and provide recommendations in the form of patching strategies, topology changes, and configuration updates.
Published in: Praxis der Informationsverarbeitung und Kommunikation, 10.1515/pik-2012-0005piko.2012.35.1.25, De Gruyter
- Dieser Beitrag ist mit Zustimmung des Rechteinhabers aufgrund einer (DFG geförderten) Allianz- bzw. Nationallizenz frei zugänglich.
- This publication is with permission of the rights owner freely accessible due to an Alliance licence and a national licence (funded by the DFG, German Research Foundation) respectively.