Cyber Security Risk Analysis

Verified

Added on 2020/05/16

AI Summary

This assignment explores cybersecurity threats facing modern enterprise networks. It focuses on using probabilistic attack graphs to assess the likelihood of attacks based on propagation paths. The analysis delves into various countermeasures, including host-based vulnerability scanning, firewalls, and intrusion prevention systems. The assignment also examines limitations of existing detection methods and proposes areas for future research, such as addressing the Conflicker attack and vulnerabilities arising from shared host IPs.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CYBER SECURITY
Cyber security
Name of the student
Name of the University
Author note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1CYBER SECURITY
Answer to question 1
This main objective of this paper is to describe an enhancing factor of the NetSPA attack
graph system. This system will be used to model all the threats that are persistent in the present
day scenario which includes client-sided attacks and the zero-day exploits. This paper also
discusses about the countermeasures to be included for addressing the mitigation of these threats.
These countermeasures are host-based vulnerability scanning, personal and proxy firewalls and
intrusion prevention system.
Answer to question 2
The author of this paper wants to address the detection of the network related risks that
are persistent in the present day lives of any system. By measuring the risks involved in any kind
of enterprise based networks, the attacks graphs can utilize the network defenders for
understanding the various threats related to them and also apply the effective countermeasure
needed for mitigating them.
Answer to question 3
This paper has utilized the adoption of NetSPA which is an effective program that
captures the attacks graph for modeling the adversaries and effects related to the application of
the countermeasures. The working of this program is based on the scanning of the whole network
by utilizing network vulnerability scans and firewall rules (Ingols et al. 2009). In addition, in this
paper, for modeling all the attack related requirements, the network was scanned according to the
requirements. The network-based scans were utilized to find the vulnerabilities on client-sided
attacks. For modeling zero-day attacks, this paper has hypothesized various vulnerabilities.

2CYBER SECURITY
Answer to question 4
From the identified methods that have been used by enterprises are not able to solve the
threats associated to it. The previously identified methods also measured the threats associated
by utilizing the attack graphs. These were also used to make a modeling of the adversaries
associated to it. Moreover, the previous methods of attack detection utilized a hypothesis model
of server-side vulnerabilities. These were solved by patching the vulnerabilities to obtain a
cleaner solution.
Answer to question 5
The main question of this paper was to make an analysis of the enterprise based attacks
that may hamper the network. The conclusion of this paper defines the additional methodologies
that can be used to successfully model the vulnerability mentioned (Ingols et al. 2009). This
paper has also described new attacks related to network intrusions and the possible mitigation
strategies that can be used for addressing them. In addition, for solving the need for updating the
network detection mechanisms, this paper has also made changes in the computational
capabilities of the network and has also made evaluations in a small network for checking the
evaluations of this paper.
Answer to question 6
In this paper, the author has listed various methods of network detection. However, there
are many limitations to them. The modeling of the conflicker has not being addressed in this
paper (Ingols et al. 2009). The attack due to this is done by utilizing the propagation vectors and
restricted exploited sets. This is the experiment that the author needs to consider in their next
paper.

3CYBER SECURITY
Similarly, this paper also needs to model the vulnerability and threats associated to the
common sharing of host IPs by using single passwords. The modeling of the attacks is also to be
included in the next paper made by the author.
Answer to question 7
Title- Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs
URL- https://pdfs.semanticscholar.org/600e/af2f14b549bed20f1af15b80aca3175e511b.pdf
Summary
The information system of the modern world is subjected to various attackers who can
lead to devastation of the enterprise-based networks (Singhal and Ou 2017). The vulnerabilities
present can only be considered by utilizing the probabilistic attacks graphs. The likelihood of an
attack is deduced from the propagation path of the attack.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4CYBER SECURITY
References
Agarwal, P.K., Har-Peled, S., Kaplan, H. and Sharir, M., 2014. Union of random minkowski
sums and network vulnerability analysis. Discrete & Computational Geometry, 52(3), pp.551-
582.
Ingols, K., Chu, M., Lippmann, R., Webster, S. and Boyer, S., 2009, December. Modeling
modern network attacks and countermeasures using attack graphs. In Computer Security
Applications Conference, 2009. ACSAC'09. Annual (pp. 117-126). IEEE.
Jenelius, E. and Mattsson, L.G., 2015. Road network vulnerability analysis: Conceptualization,
implementation and application. Computers, environment and urban systems, 49, pp.136-147.
Singhal, A. and Ou, X., 2017. Security risk analysis of enterprise networks using probabilistic
attack graphs. In Network Security Metrics (pp. 53-73). Springer, Cham.

1 out of 5

+13062052269

info@desklib.com

Cyber Security Risk Analysis

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents