Abstract
With the increasing growth of cyber-attack incidences, it is important to develop innovative and effective techniques to assess and defend networked systems against cyber attacks. One of the well-known techniques for this is performing penetration testing which is carried by a group of security professionals (i.e, red team). Penetration testing is also known to be effective to find existing and new vulnerabilities, however, the quality of security assessment can be depending on the quality of the red team members and their time and devotion to the penetration testing. In this paper, we propose a novel automation framework for cyber-attacks generation named `HARMer' to address the challenges with respect to manual attack execution by the red team. Our novel proposed framework, design, and implementation is based on a scalable graphical security model called Hierarchical Attack Representation Model (HARM). (1) We propose the requirements and the key phases for the automation framework. (2) We propose security metrics-based attack planning strategies along with their algorithms. (3) We conduct experiments in a real enterprise network and Amazon Web Services. The results show how the different phases of the framework interact to model the attackers' operations. This framework will allow security administrators to automatically assess the impact of various threats and attacks in an automated manner.
Highlights
Despite the billions of dollars spent on the prevention of cyber-attacks, cyber-criminals have continued to cause devastating financial losses to businesses, enterprises, the governments, etc
Summary: The aforementioned Attack Graphs (AG) approaches focused on generating a set of attack paths to the attack goal with no indication of a specific attack path that at adversary may use per time
Similar to our work is the extension provided by Moskal et al [39], which proposed the red and blue team’s simulation framework to show the interplay between an attacker and defender
Summary
Despite the billions of dollars spent on the prevention of cyber-attacks, cyber-criminals have continued to cause devastating financial losses to businesses, enterprises, the governments, etc. Offensive security testing techniques have been employed to assess the various security posture of networks by launching cyber attacks. The work of Phillipsi & Swiler [47] is one of the earlier work that developed a graph-based tool to assess the risks to a networked system by identifying the set of attack paths with a high probability of success or low attack costs for the attacker. This tool provided a way to test the effectiveness of defenses (such as intrusion detection systems, firewall rules changes, etc)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
