Skip to Main content Skip to Navigation
Conference papers

A Layered Graphical Model for Cloud Forensic Mission Attack Impact Analysis

Abstract : Cyber attacks on the systems that support an enterprise’s mission can significantly impact its objectives. This chapter describes a layered graphical model designed to support forensic investigations by quantifying the mission impacts of cyber attacks. The model has three layers: (i) an upper layer that models operational tasks and their interdependencies that fulfill mission objectives; (ii) a middle layer that reconstructs attack scenarios based on the interrelationships of the available evidence; and (iii) a lower level that uses system calls executed in upper layer tasks in order to reconstruct missing attack steps when evidence is missing. The graphs constructed from the three layers are employed to compute the impacts of attacks on enterprise missions. The National Vulnerability Database – Common Vulnerability Scoring System scores and forensic investigator estimates are used to compute the mission impacts. A case study is presented to demonstrate the utility of the graphical model.
Document type :
Conference papers
Complete list of metadata

Cited literature [22 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Tuesday, January 22, 2019 - 9:44:39 AM
Last modification on : Thursday, February 7, 2019 - 3:40:57 PM
Long-term archiving on: : Tuesday, April 23, 2019 - 1:57:24 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Changwei Liu, Anoop Singhal, Duminda Wijesekera. A Layered Graphical Model for Cloud Forensic Mission Attack Impact Analysis. 14th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2018, New Delhi, India. pp.263-289, ⟨10.1007/978-3-319-99277-8_15⟩. ⟨hal-01988841⟩



Record views


Files downloads