Degree Type
Thesis
Date of Award
2013
Degree Name
Master of Science
Department
Electrical and Computer Engineering
First Advisor
Thomas Daniels
Abstract
Advanced Persistent Threats(APT) are a serious concern to secure an organization. The sophistica- tion of APT attacks is much discussed, and the recent compromising of Google, RSA and Sony using APTs has gained lots of attentions. Successful protection against APTs should complement traditional perimeter and infrastructure security measures and policies. In this paper, we show that adding APTs in our threat landscape, conventional attack graphs for realistic environments are quite dense meaning that their utility is quite limited. This density is a consequence of common, inherent vulnerabilities in conventional computing systems and network environments. Our approach is to formally define a set of vulnerabilities that we call privilege expansion vulnerabilities. A superset of privilege escalation vulnerabilities, privilege expansion refers to cases where an attacker can either earn greater privilege on the current host or use his current privilege to earn privileges on other hosts. Based on our formal definitions, we define a set of rules for adding edges to attack graphs and develop a tool that computes a closure of these rules in the graph. For two example environments, we compute new attack graphs incorporating these new edges and demonstrate the use of the tool by evaluating addressing 4 different privilege expansion vulnerabilities.
DOI
https://doi.org/10.31274/etd-180810-406
Copyright Owner
Yang Yang
Copyright Date
2013
Language
en
File Format
application/pdf
File Size
34 pages
Recommended Citation
Yang, Yang, "On the Density and Subsequent Utility of Attack Graphs in Realistic Environments" (2013). Graduate Theses and Dissertations. 13556.
https://lib.dr.iastate.edu/etd/13556