Course T6 – Security Risk Analysis of Enterprise Networks: Techniques and Challenges

Anoop Singhal, NIST
Xinming (Simon) Ou, Kansas State University

Tuesday Afternoon, December 6th, Half Day

Protection of enterprise networks from malicious intrusions is critical to the economy and security of our nation. The objective of this course is to give an overview of the techniques and challenges for security risk analysis of enterprise networks. A standard model for security analysis will enable us to answer questions such as "are we more secure than yesterday" or "how does the security of one network configuration compare with another one". In this course, we will present a methodology for security risk analysis that is based on the model of attack graphs and the Common Vulnerability Scoring System (CVSS).

At present, computer networks constitute the core component of information technology infrastructures in areas such as power grids, financial data systems and emergency communication systems. Protection of these networks from malicious intrusions is critical to the economy and security of our nation. To improve the security of these information systems, it is necessary to measure the amount of security provided by different network configurations. The objective of this course is to give an overview of the techniques and challenges for security risk analysis of computer networks. A standard model for security analysis will enable us to answer questions such as "are we more secure than yesterday" or "how does the security of one network configuration compare with another one". Also, having a standard model to measure network security will bring together users, vendors and researchers to evaluate methodologies and products for network security.

An essential type of security risk analysis is to determine the level of compromise possible for important hosts in a network from a given starting location. This is a complex task, as it depends on the network topology, on the security policy in the network as determined by the placement of firewalls, routers and switches, and on vulnerabilities in hosts and communication protocols. Traditionally, this type of analysis is performed by a red team of computer security professionals who actively test the network by running exploits that compromise the system. Red team exercises are effective; however, they are labor-intensive and time-consuming. There is a need for alternate approaches that can work with host vulnerability scans.

In this course, we will present a methodology for security risk analysis that is based on the model of attack graphs and the Common Vulnerability Scoring System (CVSS). Attack graphs illustrate the cumulative effect of attack steps, showing how individual steps can potentially enable an attacker to gain privileges deep within the network. CVSS is a risk measurement system that gives the likelihood that a single attack step is successfully executed. In this course we present a methodology to measure the overall system risk by combining the attack graph structure with CVSS. Our technique analyzes all attack paths through a network, providing a probabilistic metric of the overall system risk.

Outline

  1. Basics of Enterprise Network Security.
  2. Threats to Networks.
  3. Common Vulnerability Scoring System (CVSS).
  4. Attack Graphs, Bayesian Networks and Tools for generating Attack Graphs.
  5. Security Risk Analysis of Enterprise Systems using Attack Graphs.
  6. Challenges and Future Directions.
  7. Conclusions.

Prerequisites

The anticipated participants are IT Security Professionals in industry and academia, researchers in computer and network security, graduate students.

About the Instructor

Dr. Anoop Singhal is currently a Senior Computer Scientist in the Computer Security Division at NIST. His research interests are in secure web services and network security, intrusion detection and large-scale data mining systems. He has several years of research experience at NIST, George Mason University and AT&T Bell Labs. As a Distinguished Member of Technical Staff at Bell Labs he led several research projects in the area of Databases and Data Mining Systems, Web Services and Network Management Systems. He is a senior member of IEEE and has published more than 25 papers in leading conferences and journals. He received his Ph.D. in Computer Science from Ohio State University, Columbus, Ohio. He has given several talks and presented papers at conferences such as RSA 2007, IFIP DBSEC 2010, ACM CCS 2010 and ACSAC 2009.

Dr. Xinming Ou is currently an Assistant Professor at Kansas State University. He received his PhD from Princeton University in 2005, where he designed the MulVAL network security analyzer as his PhD dissertation work. He was a post-doctoral research associate at Purdue University's CERIAS center from September 2005 to May 2006, and joined Kansas State University in August 2006. Dr. Ou has also visited Idaho National Laboratory (INL) during the summers of 2006 and 2007 as a research associate, working with INL scientists on applying logical attack graphs to analyze the security threats facing the nation's critical infrastructures. Dr. Ou's current research activities focus on enterprise network security defense, including security configuration management, intrusion analysis, and real-time situation awareness. He is a recipient of the NSF Faculty Early Career Development (CAREER) Award.