, /* initial attack location and final attack status */ attackerLocated(internet)
, attackGoal(execCode(database,user))
, /* configuration information of webServer */ vulExists(webServer,'directAccess',httpd). vulProperty('directAccess',remoteExploit,privEscalation)
, CWE-89',httpd). vulProperty('CWE-89',remoteExploit,privEscalation), /* vulnerability of the web application */ vulExists(database
, Specification, Verification and Optimization of Business Processes: A Unified Framework, 2014.
Topological vulnerability analysis, pp.139-154, 2010. ,
Mapping evidence graphs to attack graphs, Proceedings of the IEEE International Workshop on Information Forensics and Security, pp.121-126, 2012. ,
A logic-based network forensic model for evidence analysis, Advances in Digital Forensics XI, pp.129-145, 2015. ,
URL : https://hal.archives-ouvertes.fr/hal-01449074
A probabilistic network forensic model for evidence analysis, Advances in Digital Forensics XII, pp.189-210, 2016. ,
URL : https://hal.archives-ouvertes.fr/hal-01758685
, NIST Special Publication, pp.800-145, 2011.
A cyber mission impact assessment tool, Proceedings of the IEEE International Symposium on Technologies for Homeland Security, 2015. ,
Analyzing mission impacts of cyber actions (AMICA), Proceedings of the NATO IST-128 Workshop: Assessing Mission Impact of Cyberattacks, pp.80-86, 2015. ,
, OpenStack Foundation, Software, Austin, Texas (www.openstack. org/software), 2018.
MulVAL: A logic-based network security analyzer, Proceedings of the Fourteenth USENIX Security Symposium, 2005. ,
, Advances in Digital, pp.35-46, 2011.
An Overview of a Disk Imaging Tool in Computer Forensics, 2001. ,
Towards probabilistic identification of zero-day attack paths, Proceedings of the IEEE Conference on Communications and Network Security, pp.64-72, 2016. ,
Towards actionable mission impact assessment in the context of cloud computing, pp.259-274, 2017. ,
URL : https://hal.archives-ouvertes.fr/hal-01684363
Multilayered impact evaluation model for attacking missions, IEEE Systems Journal, vol.10, issue.4, pp.1304-1315, 2016. ,
A graph based approach toward network forensic analysis, ACM Transactions on Information and Systems Security, vol.12, issue.1, 2008. ,
FLUSH+RELOAD: A high resolution, low noise, L3 cache side-channel attack, Proceedings of the TwentyThird USENIX Security Symposium, pp.719-732, 2014. ,
Cross-VM side channels and their use to extract private keys, Proceedings of the ACM Conference on Computer and Communications Security, pp.305-316, 2012. ,