Date of Award:

12-2008

Document Type:

Thesis

Degree Name:

Master of Science (MS)

Department:

Computer Science

Committee Chair(s)

Robert F. Erbacher

Committee

Robert F. Erbacher

Committee

Chad Mano

Committee

Stephen W. Clyde

Abstract

Systems and networks have been under attack from the time the Internet first came into existence. There is always some uncertainty associated with the impact of the new attacks. Compared to the problem of attack detection, analysis of attack impact has received very little attention. Generalize and forecasting the kind of attack that will hit systems in future is not possible. However, it is possible to predict the behavior of a new attack and, thereby, the impact of the attack. This thesis proposes a method for predicting the impact of a new attack on systems and networks as well as the severity of the impact of the new attack. The prediction is based on the assumption that a future attack will be similar to already existing attacks. The severity of the attack depends on a few specific system/network parameters identified in this thesis. The cumulative effect of an attack is a summation of the behavior of these identified parameters during the attack. The suggested method is based on simulating a selected number of existing attacks, collecting the results of the impact of these attacks, and using them along with attack graphs to automatically detect the impact of a new attack. A formula is proposed for calculating the impact severity percentage, which is calculated as a percentage value of the impact of the known attack. This value will help identify critical points that need special care to ensure the readiness of a network or system to withstand an attack.

Checksum

88ce85fdb2ffd3cb386049935ddcb13d

Share

COinS