loading
Papers

Research.Publish.Connect.

Paper

Authors: Mohammed Noraden Alsaleh ; Ehab Al-Shaer and Qi Duan

Affiliation: Department of Software and Information Systems, University of North Carolina at Charlotte, Charlotte, NC and U.S.A.

ISBN: 978-989-758-319-3

Keyword(s): Resistance, Cyber Attacks, Resilience, Configuration, Model Checking.

Related Ontology Subjects/Areas/Topics: Formal Methods for Security ; Information and Systems Security ; Network Security ; Wireless Network Security

Abstract: As the sophistication of cyber-attacks is ever increasing, cyber breaches become inevitable and their consequences are often highly damaging. Isolation and diversity are key techniques of cyber resilience for creating built-in resistance in cyber networks against the lateral movement of multi-step Advanced Persistent Threats (APTs) and epidemic attacks. However, the key unaddressed challenges are (1) how to ensure that specific isolation and diversity configurations are sufficient to prevent the lateral movement of attacks and (2) how to verify that such configurations are enforced safely despite the complex inter-dependency between cyber components. In this paper, we address these challenges by developing formal models and properties to verify the effectiveness and enforceability of proactive cyber resistance techniques. We present a bounded model checking approach based on satisfiability Modulo theories (SMT) for OpenFlow software defined networks (SDNs). We verify that given resist ance techniques are enforced in a way that does not violate the cyber mission requirements and we evaluate the configuration resistance based on user-defined resistance properties. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 35.172.111.215

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Alsaleh, M.; Al-Shaer, E. and Duan, Q. (2018). Verifying the Enforcement and Effectiveness of Network Lateral Movement Resistance Techniques.In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT, ISBN 978-989-758-319-3, pages 246-257. DOI: 10.5220/0006868904120423

@conference{secrypt18,
author={Mohammed Noraden Alsaleh. and Ehab Al{-}Shaer. and Qi Duan.},
title={Verifying the Enforcement and Effectiveness of Network Lateral Movement Resistance Techniques},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT,},
year={2018},
pages={246-257},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006868904120423},
isbn={978-989-758-319-3},
}

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2 SECRYPT: SECRYPT,
TI - Verifying the Enforcement and Effectiveness of Network Lateral Movement Resistance Techniques
SN - 978-989-758-319-3
AU - Alsaleh, M.
AU - Al-Shaer, E.
AU - Duan, Q.
PY - 2018
SP - 246
EP - 257
DO - 10.5220/0006868904120423

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.