Click here to go to Public STINET (Scientific Technical Information Network) at the Defense Technical Information Center (DTIC)

Defense Technical Information Center

Accession Number : ADA462426

Title :   Performance Analysis of Automated Attack Graph Generation Software

Descriptive Note : Master's thesis

Corporate Author : NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s) : Cullum, James J.

Handle / proxy Url :             Check NTIS Availability...

Report Date : DEC 2006

Pagination or Media Count : 159

Abstract : The current generation of network vulnerability detection software uses databases of known vulnerabilities and scans target networks for these weaknesses. The results can be voluminous and difficult to assess. Thus, the success of this technology has created a need for software to aid in network vulnerability analysis. Although research has shown the effectiveness of automated attack graph generation tools in displaying potential attack paths in a network, research involving the performance of these tools has been limited. Using empirical testing, we have collected quantitative data using CAULDRON, an attack graph generation tool developed at George Mason University, on a collection of simulated networks. By defining our model to include sets of nodes, which allow connectivity from all nodes to all nodes in the set; the number of nodes present in each set, the number of connections between sets; and the number of vulnerabilities per node as our variables, we are able to observe the performance impact on CAULDRON of connectivity and the increased presence of vulnerabilities in our networks. The effect of these variables on processing time and memory usage is presented and can be used as a metric to assess the scalability of this tool within various customer environments.

Descriptors :   *SOFTWARE ENGINEERING, *GRAPHS, *ATTACK, *COMPUTER NETWORKS, AUTOMATION, INTRUSION DETECTION(COMPUTERS), PERFORMANCE(ENGINEERING), VULNERABILITY, THESES, NODES

Subject Categories : COMPUTER SYSTEMS MANAGEMENT AND STANDARDS

Distribution Statement : APPROVED FOR PUBLIC RELEASE



Search DTIC's Public STINET for similiar documents.

Members of the public may purchase hardcopy documents from the National Technical Information Service.