Dissertation/Thesis Abstract

A method for automatically generating rules for a requires-provides security model of a system
by Orvis, William Snow, M.S., University of California, Davis, 2009, 109; 1470280
Abstract (Summary)

Much research has been done in modeling network intruder attacks using attack graphs and the requires-provides model. However, that research has focused on the attackers' use of vulnerabilities and other known or unknown flaws in existing services. An attacker could utilize what would otherwise be considered valid actions within a system before or after an attack, or he could take advantage of a misconfiguration of a service in order to delve deeper into that system.

This paper presents System Analyst, a tool suite for generating requires-provides relations that represent the security consequences of the configuration of various services. These relations can then be utilized by intrusion detection engines or forensic tools to enable a greater level of correlating events of an attack, or as a configuration checker for detecting dangerously configured and misconfigured services on a computer system.

Supplemental Files

Some files may require a special program or browser plug-in. More Information

Indexing (document details)
Advisor: Bishop, Matthew A.
Commitee: Chen, Hao, Wu, S. Felix
School: University of California, Davis
Department: Computer Science
School Location: United States -- California
Source: MAI 48/02M, Masters Abstracts International
Source Type: DISSERTATION
Subjects: Computer science
Keywords: Attack modeling, Configuration checking, Model generation, Security modeling
Publication Number: 1470280
ISBN: 9781109487411
Copyright © 2018 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy
ProQuest