About this event
Lecturer: Paul Ammann, Associate Professor at George Mason University
Abstract
Even well administered networks are vulnerable to attack.Although commercial scanning tools can analyze vulnerabilities on individual hosts, they don't really help a system administrator decide whether a vulnerable, but desirable, service is too risky to operate.
The reason is that an attacker typically breaks into a network with a chain of exploits, rather than a single exploit, and the system administrator must worry about interactions between multiple exploits. Each exploit in a chain takes advantage of the penetration achieved by prior exploits, and the final exploit in the chain achieves the attacker's goal. Researchers have proposed a variety of algorithms to discover single exploit chains, to enumerate attack graphs encoding all exploit chains, to define probability measures on attack success, to deal with known vs. unknown exploits, to find critical sets of exploits, hosts, and vulnerabilities, and so on. Some of these graph algorithms are implemented directly, and others take advantage of the expressive power and compact representations afforded by model checkers.
This talk illustrates the various current solutions along with their limitations, and outlines some approaches to making vulnerability analysis practical for large scale networks.
About the Lecturer:
Paul Ammann is an Associate Professor in the Department of Information and Software Engineering in the School of Information Technology and Engineering at George Mason University in Fairfax, Virginia. His basic research interest might best be described as "Why do things go wrong and what can we do about it?" Current research topics include secure information systems, software testing, semantic-based transaction processing, software for critical systems, and formal methods. He has published fifty-some research papers in refereed journals and conferences. He earned an AB degree in Computer Science from Dartmouth College, and MS and PhD degrees in Computer Science from the University of Virginia. For recreation he enjoys running ultramarathons. Contact Prof. Ammann at: pammann@ise.gmu.edu
Webcast Link
*Alternate Link, please copy and paste the following URL into your browser location bar http://www.ngi-supernet.org/conferences.html
In order to view this Webcast, you must have RealPlayer installed on your computer. For more information on Realplayer, check out Real.com or click on the links below to download the player.
You can download and install the FREE version of RealPlayer 8 Basic from Download.com: Macintosh | Windows (All versions)
Abstract
Even well administered networks are vulnerable to attack.Although commercial scanning tools can analyze vulnerabilities on individual hosts, they don't really help a system administrator decide whether a vulnerable, but desirable, service is too risky to operate.
The reason is that an attacker typically breaks into a network with a chain of exploits, rather than a single exploit, and the system administrator must worry about interactions between multiple exploits. Each exploit in a chain takes advantage of the penetration achieved by prior exploits, and the final exploit in the chain achieves the attacker's goal. Researchers have proposed a variety of algorithms to discover single exploit chains, to enumerate attack graphs encoding all exploit chains, to define probability measures on attack success, to deal with known vs. unknown exploits, to find critical sets of exploits, hosts, and vulnerabilities, and so on. Some of these graph algorithms are implemented directly, and others take advantage of the expressive power and compact representations afforded by model checkers.
This talk illustrates the various current solutions along with their limitations, and outlines some approaches to making vulnerability analysis practical for large scale networks.
About the Lecturer:
Paul Ammann is an Associate Professor in the Department of Information and Software Engineering in the School of Information Technology and Engineering at George Mason University in Fairfax, Virginia. His basic research interest might best be described as "Why do things go wrong and what can we do about it?" Current research topics include secure information systems, software testing, semantic-based transaction processing, software for critical systems, and formal methods. He has published fifty-some research papers in refereed journals and conferences. He earned an AB degree in Computer Science from Dartmouth College, and MS and PhD degrees in Computer Science from the University of Virginia. For recreation he enjoys running ultramarathons. Contact Prof. Ammann at: pammann@ise.gmu.edu
Webcast Link
*Alternate Link, please copy and paste the following URL into your browser location bar http://www.ngi-supernet.org/conferences.html
In order to view this Webcast, you must have RealPlayer installed on your computer. For more information on Realplayer, check out Real.com or click on the links below to download the player.
You can download and install the FREE version of RealPlayer 8 Basic from Download.com: Macintosh | Windows (All versions)