Skip to Main content Skip to Navigation
Conference papers

A Layered Graphical Model for Cloud Forensic Mission Attack Impact Analysis

Abstract : Cyber attacks on the systems that support an enterprise’s mission can significantly impact its objectives. This chapter describes a layered graphical model designed to support forensic investigations by quantifying the mission impacts of cyber attacks. The model has three layers: (i) an upper layer that models operational tasks and their interdependencies that fulfill mission objectives; (ii) a middle layer that reconstructs attack scenarios based on the interrelationships of the available evidence; and (iii) a lower level that uses system calls executed in upper layer tasks in order to reconstruct missing attack steps when evidence is missing. The graphs constructed from the three layers are employed to compute the impacts of attacks on enterprise missions. The National Vulnerability Database – Common Vulnerability Scoring System scores and forensic investigator estimates are used to compute the mission impacts. A case study is presented to demonstrate the utility of the graphical model.
Document type :
Conference papers
Complete list of metadata

Cited literature [22 references]  Display  Hide  Download

https://hal.inria.fr/hal-01988841
Contributor : Hal Ifip <>
Submitted on : Tuesday, January 22, 2019 - 9:44:39 AM
Last modification on : Thursday, February 7, 2019 - 3:40:57 PM
Long-term archiving on: : Tuesday, April 23, 2019 - 1:57:24 PM

File

472401_1_En_15_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Changwei Liu, Anoop Singhal, Duminda Wijesekera. A Layered Graphical Model for Cloud Forensic Mission Attack Impact Analysis. 14th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2018, New Delhi, India. pp.263-289, ⟨10.1007/978-3-319-99277-8_15⟩. ⟨hal-01988841⟩

Share

Metrics

Record views

82

Files downloads

3