HARMer: Cyber-attacks Automation and Evaluation
| Autor: | Myung Kil Ahn, Donghwan Lee, Dong Seong Kim, Simon Yusuf Enoch, Zhibin Huang, Chun Yong Moon |
|---|---|
| Jazyk: | angličtina |
| Rok vydání: | 2020 |
| Předmět: |
FOS: Computer and information sciences
Attack automation Computer Science - Cryptography and Security cybersecurity General Computer Science Computer science media_common.quotation_subject 0211 other engineering and technologies Vulnerability blue team 02 engineering and technology Computer security computer.software_genre offensive security Data modeling penetration testing attack planning 0202 electrical engineering electronic engineering information engineering Enterprise private network General Materials Science Quality (business) Representation (mathematics) media_common 021110 strategic defence & security studies business.industry General Engineering 020206 networking & telecommunications Computer security model Automation Scalability Key (cryptography) lcsh:Electrical engineering. Electronics. Nuclear engineering business lcsh:TK1-9971 computer Cryptography and Security (cs.CR) |
| Zdroj: | IEEE Access, Vol 8, Pp 129397-129414 (2020) |
| Popis: | With the increasing growth of cyber-attack incidences, it is important to develop innovative and effective techniques to assess and defend networked systems against cyber attacks. One of the well-known techniques for this is performing penetration testing which is carried by a group of security professionals (i.e, red team). Penetration testing is also known to be effective to find existing and new vulnerabilities, however, the quality of security assessment can be depending on the quality of the red team members and their time and devotion to the penetration testing. In this paper, we propose a novel automation framework for cyber-attacks generation named `HARMer' to address the challenges with respect to manual attack execution by the red team. Our novel proposed framework, design, and implementation is based on a scalable graphical security model called Hierarchical Attack Representation Model (HARM). (1) We propose the requirements and the key phases for the automation framework. (2) We propose security metrics-based attack planning strategies along with their algorithms. (3) We conduct experiments in a real enterprise network and Amazon Web Services. The results show how the different phases of the framework interact to model the attackers' operations. This framework will allow security administrators to automatically assess the impact of various threats and attacks in an automated manner. 19 pages, journal |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|