Метод захисту віртуального хмарного середовища на основі графа структури атаки
DOI: 10.31673/2409-7292.2023.010003
Анотація
The article proposes the creation of an effective system for detecting and responding to external influences in order to minimize the consequences of breaching the protection of cloud virtual resources in a timely manner. Mathematical models have been improved to ensure the protection of virtual cloud resources for software-configured networks, namely: a mathematical model of the impact of an attack on virtual cloud resources, a mathematical model for assessing the state of virtual cloud resources, a mathematical model for choosing a countermeasure based on a complex indicator for software-configured networks. Based on the obtained mathematical models, a graph of attacks on the virtual cloud environment was developed. This graph allows you to get information about all known system vulnerabilities.
Keywords: Cloud, Cloud Technologies, Attack Graph, Alert Correlation Graph, Attack Scenario.
References
1. Anatomy of a cloud storage infrastructure by M. Tim Jones http://public.dhe.ibm.com/software/dw/cloud/library/cl-cloudstorage-pdf.pdf
2. Rajan, Sreeranga & Ginkel, Wilco & Sundaresan, Neel & Bardhan, Anant & Chen, Yu & Fuchs, Adam & Kapre, Aditya & Lane, Adrian & Lu, Rongxing & Manadhata, Pratyusa & Molina, Jesus & Cardenas, Alvaro & Murthy, Praveen & Roy, Arnab & Sathyadevan, Shiju & Shah, Nrupak. (2013). Cloud Security Alliance report on the Top Ten Challenges in Big Data Privacy and Security. 10.13140/RG.2.1.1744.1127.
3. Shin, Gun-Yoon, Sung-Sam Hong, Jung-Sik Lee, In-Sung Han, Hwa-Kyung Kim, and Haeng-Rok Oh. 2022. "Network Security Node-Edge Scoring System Using Attack Graph Based on Vulnerability Correlation" Applied Sciences 12, no. 14: 6852. https://doi.org/10.3390/app1214685.
4. Hu, Hao & Liu, Jing & Zhang, Yuchen & Liu, Yuling & Xu, Xiaoyu & Jinglei, Tan. (2020). Attack scenario reconstruction approach using attack graph and alert data mining. Journal of Information Security and Applications, Volume 54, 2020, 102522.
5. Saad, Sherif & Traore, Issa. (2013). Semantic aware attack scenarios reconstruction. Journal of Information Security and Applications. 18. 53–67. 10.1016/j.jisa.2013.08.002.
6. I. Kotenko and A. Chechulin, "A Cyber Attack Modeling and Impact Assessment framework," 2013 5th International Conference on Cyber Conflict (CYCON 2013), 2013, pp. 1-24.
7. Booth, H., Rike, D. and Witte, G. (2013), The National Vulnerability Database (NVD): Overview, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=915172 (Accessed December 21, 2022)
8. Su Zhang, Xinming Ou & Doina Caragea (2015) Predicting Cyber Risks through National Vulnerability Database, Information Security Journal: A Global Perspective, 24:4-6, 194-206, DOI: 10.1080/19393555.2015.1111961
9. Qi, Yulu, Rong Jiang, Yan Jia, and Aiping Li. 2020. "Attack Analysis Framework for Cyber-Attack and Defense Test Platform" Electronics 9, no. 9: 1413. https://doi.org/10.3390/electronics9091413
10. https://www.metasploit.com/
11. https://www.offensive-security.com/metasploit-unleashed/armitage-setup/
12. Вишнівський В.В. Дослідження технології захисту віртуального хмарного середовища на основі графа атак. Пояснювальна записка до магістерської роботи. – К.: ДУТ, 2021. – 78 с.