Modeling and analysis of stepping stone attacks

David M. Nicol; Vikas Mallapura

doi:10.1109/WSC.2014.7020142

Modeling and analysis of stepping stone attacks

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Computer exploits often involve an attacker being able to compromise a sequence of hosts, creating a chain of 'stepping stones' from his source to ultimate target. Stepping stones are usually necessary to access well-protected resources, and also serve to mask the attacker's location. This paper describes means of constructing models of networks and the access control mechanisms they employ to approach the problem of finding which stepping stone paths are easiest for an attacker to find. While the simplest formulation of the problem can be addressed with deterministic shortest-path algorithms, we argue that consideration of what and how an attacker may (or may not) launch from a compromised host pushes one towards solutions based on Monte Carlo sampling. We describe the sampling algorithm and some preliminary results obtained using it.

Original language	English (US)
Title of host publication	Proceedings of the 2014 Winter Simulation Conference, WSC 2014
Editors	Andreas Tolk, Levent Yilmaz, Saikou Y. Diallo, Ilya O. Ryzhov
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	3036-3047
Number of pages	12
ISBN (Electronic)	9781479974863
DOIs	https://doi.org/10.1109/WSC.2014.7020142
State	Published - Jan 23 2015
Event	2014 Winter Simulation Conference, WSC 2014 - Savannah, United States Duration: Dec 7 2014 → Dec 10 2014

Publication series

Name	Proceedings - Winter Simulation Conference
Volume	2015-January
ISSN (Print)	0891-7736

Other

Other	2014 Winter Simulation Conference, WSC 2014
Country/Territory	United States
City	Savannah
Period	12/7/14 → 12/10/14

ASJC Scopus subject areas

Software
Modeling and Simulation
Computer Science Applications

Online availability

10.1109/WSC.2014.7020142

Library availability

Discover UIUC Full Text

Cite this

Nicol, D. M., & Mallapura, V. (2015). Modeling and analysis of stepping stone attacks. In A. Tolk, L. Yilmaz, S. Y. Diallo, & I. O. Ryzhov (Eds.), Proceedings of the 2014 Winter Simulation Conference, WSC 2014 (pp. 3036-3047). Article 7020142 (Proceedings - Winter Simulation Conference; Vol. 2015-January). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/WSC.2014.7020142

Modeling and analysis of stepping stone attacks. / Nicol, David M.; Mallapura, Vikas.
Proceedings of the 2014 Winter Simulation Conference, WSC 2014. ed. / Andreas Tolk; Levent Yilmaz; Saikou Y. Diallo; Ilya O. Ryzhov. Institute of Electrical and Electronics Engineers Inc., 2015. p. 3036-3047 7020142 (Proceedings - Winter Simulation Conference; Vol. 2015-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Nicol, DM & Mallapura, V 2015, Modeling and analysis of stepping stone attacks. in A Tolk, L Yilmaz, SY Diallo & IO Ryzhov (eds), Proceedings of the 2014 Winter Simulation Conference, WSC 2014., 7020142, Proceedings - Winter Simulation Conference, vol. 2015-January, Institute of Electrical and Electronics Engineers Inc., pp. 3036-3047, 2014 Winter Simulation Conference, WSC 2014, Savannah, United States, 12/7/14. https://doi.org/10.1109/WSC.2014.7020142

@inproceedings{4ee892e5b077441d92347d9aee40dba3,

title = "Modeling and analysis of stepping stone attacks",

abstract = "Computer exploits often involve an attacker being able to compromise a sequence of hosts, creating a chain of 'stepping stones' from his source to ultimate target. Stepping stones are usually necessary to access well-protected resources, and also serve to mask the attacker's location. This paper describes means of constructing models of networks and the access control mechanisms they employ to approach the problem of finding which stepping stone paths are easiest for an attacker to find. While the simplest formulation of the problem can be addressed with deterministic shortest-path algorithms, we argue that consideration of what and how an attacker may (or may not) launch from a compromised host pushes one towards solutions based on Monte Carlo sampling. We describe the sampling algorithm and some preliminary results obtained using it.",

author = "Nicol, {David M.} and Vikas Mallapura",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 2014 Winter Simulation Conference, WSC 2014 ; Conference date: 07-12-2014 Through 10-12-2014",

year = "2015",

month = jan,

day = "23",

doi = "10.1109/WSC.2014.7020142",

language = "English (US)",

series = "Proceedings - Winter Simulation Conference",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "3036--3047",

editor = "Andreas Tolk and Levent Yilmaz and Diallo, {Saikou Y.} and Ryzhov, {Ilya O.}",

booktitle = "Proceedings of the 2014 Winter Simulation Conference, WSC 2014",

address = "United States",

}

TY - GEN

T1 - Modeling and analysis of stepping stone attacks

AU - Nicol, David M.

AU - Mallapura, Vikas

PY - 2015/1/23

Y1 - 2015/1/23

N2 - Computer exploits often involve an attacker being able to compromise a sequence of hosts, creating a chain of 'stepping stones' from his source to ultimate target. Stepping stones are usually necessary to access well-protected resources, and also serve to mask the attacker's location. This paper describes means of constructing models of networks and the access control mechanisms they employ to approach the problem of finding which stepping stone paths are easiest for an attacker to find. While the simplest formulation of the problem can be addressed with deterministic shortest-path algorithms, we argue that consideration of what and how an attacker may (or may not) launch from a compromised host pushes one towards solutions based on Monte Carlo sampling. We describe the sampling algorithm and some preliminary results obtained using it.

AB - Computer exploits often involve an attacker being able to compromise a sequence of hosts, creating a chain of 'stepping stones' from his source to ultimate target. Stepping stones are usually necessary to access well-protected resources, and also serve to mask the attacker's location. This paper describes means of constructing models of networks and the access control mechanisms they employ to approach the problem of finding which stepping stone paths are easiest for an attacker to find. While the simplest formulation of the problem can be addressed with deterministic shortest-path algorithms, we argue that consideration of what and how an attacker may (or may not) launch from a compromised host pushes one towards solutions based on Monte Carlo sampling. We describe the sampling algorithm and some preliminary results obtained using it.

UR - http://www.scopus.com/inward/record.url?scp=84940516142&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84940516142&partnerID=8YFLogxK

U2 - 10.1109/WSC.2014.7020142

DO - 10.1109/WSC.2014.7020142

M3 - Conference contribution

AN - SCOPUS:84940516142

T3 - Proceedings - Winter Simulation Conference

SP - 3036

EP - 3047

BT - Proceedings of the 2014 Winter Simulation Conference, WSC 2014

A2 - Tolk, Andreas

A2 - Yilmaz, Levent

A2 - Diallo, Saikou Y.

A2 - Ryzhov, Ilya O.

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2014 Winter Simulation Conference, WSC 2014

Y2 - 7 December 2014 through 10 December 2014

ER -

Modeling and analysis of stepping stone attacks

Abstract

Publication series

Other

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this