Intro work

Noah L. Schrick 2023-04-04 16:27:36 -05:00
parent 64585b43d3
commit 6c082f0dc1
2 changed files with 66 additions and 2 deletions

@ -1280,5 +1280,65 @@ of 27},
author = {PCI Security Standards Council}
}
@INPROCEEDINGS{9678822,
author={Dakhno, Natalia and Leshchenko, Olga and Kravchenko, Yurii and Dudnik, Andriy and Trush, Olexandr and Khankishiev, Victor},
booktitle={2021 IEEE 3rd International Conference on Advanced Trends in Information Theory (ATIT)},
title={Dynamic Model of the Spread of Viruses in a Computer Network Using Differential Equations},
year={2021},
volume={},
number={},
pages={111-115},
doi={10.1109/ATIT54053.2021.9678822}}
@INPROCEEDINGS{7993827,
author={Kwon, Minhae and Kwon, Jungmin and Park, Byungchul and Park, Hyunggon},
booktitle={2017 Ninth International Conference on Ubiquitous and Future Networks (ICUFN)},
title={An architecture of IPTV networks based on network coding},
year={2017},
volume={},
number={},
pages={462-464},
doi={10.1109/ICUFN.2017.7993827}}
@INPROCEEDINGS{8652334,
author={Bai, Xiaodan and Liang, Mangui and Zhu, Senpeng},
booktitle={2018 14th IEEE International Conference on Signal Processing (ICSP)},
title={A New Routing Scheme for Large-scale Computer Network},
year={2018},
volume={},
number={},
pages={1019-1023},
doi={10.1109/ICSP.2018.8652334}}
@inproceedings{CPSIOT,
author = {Al Ghazo, Alaa T. and Ibrahim, Mariam and Ren, Hao and Kumar, Ratnesh},
title = {A2G2V: Automated Attack Graph Generator and Visualizer},
year = {2018},
isbn = {9781450358606},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
url = {https://doi.org/10.1145/3215466.3215468},
doi = {10.1145/3215466.3215468},
booktitle = {Proceedings of the 1st ACM MobiHoc Workshop on Mobile IoT Sensing, Security, and Privacy},
articleno = {3},
numpages = {6},
keywords = {Model Checking, Security, Enumerating Counterexamples, Internet of Things, Attack Graph, Cyber-Physical Systems},
location = {Los Angeles, CA, USA},
series = {Mobile IoT SSP'18}
}
@article{ming_jo,
author = {Li, Ming and Hawrylak, Peter and Hale, John},
title = {Strategies for Practical Hybrid Attack Graph Generation and Analysis},
year = {2021},
publisher = {Association for Computing Machinery},
address = {New York, NY, USA},
issn = {2692-1626},
url = {https://doi.org/10.1145/3491257},
doi = {10.1145/3491257},
abstract = {As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but also integrates components that operate in the continuous domain, such as sensors and actuators. Using AGs on CPSs requires that the system models and exploit patterns capture both token- and real-valued information. In this paper, we describe a hybrid AG model for security analysis of CPSs and computer networks. Specifically, we focus on two issues related to applying the model in practice: efficient hybrid AG generation and techniques for information extraction from them. To address the first issue, we present an accelerated hybrid AG generator that employs parallel programming and high performance computing (HPC). We conduct performance tests on CPU and GPU platforms to characterize the efficiency of our parallel algorithms. To address the second issue, we introduce an analytical regimen based on centrality analysis and apply it to a hybrid AG generated for a target CPS system to discover effective vulnerability remediation solutions.},
journal = {Digital Threats},
month = {oct},
keywords = {cyber-physical system, high performance computing, attack graph, breadth-first search}
}
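Review bot: The `ming_jo` @article entry has no volume, number or pages fields, and the three IEEE entries (`9678822`, `7993827`, `8652334`) each carry empty `volume={}` and `number={}` fields, so these references are incomplete as entered. Add the missing fields for `ming_jo`, drop the empty ones, and consider removing its `abstract` field, which the citation does not need. The bare numeric keys are also hard to recognise at the `\cite` site next to descriptive keys such as `CPSIOT` and `ming_jo`; a key built from author and year would read better in the .tex source.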

@ -52,7 +52,11 @@ Attack Graph; Compliance Graph; MPI; High-Performance Computing; Cybersecurity;
\end{IEEEkeywords}
\section{Introduction}
This work attempts to further those efforts and extend RAGE to function on distributed computing environments to take advantage of the increased computing power using message-passing. As mentioned by the author of \cite{pacheco_introduction_2011}, MPI is the most widely used message-passing API, and this work intended to utilize an API that was not only familiar and accessible, but versatile and powerful for parallelizing RAGE for distributed computing platforms. This work discusses a task parallelism approach for the generation process, and uses OpenMPI for the MPI implementation.
As the size of computer networks continues to grow, cybersecurity analysts are tasked to mitigate risk with increasing difficulty. The authors of \cite{9678822}, \cite{7993827}, and \cite{8652334} discuss how the rapidly expanding network sizes bring about drastic changes along with the requirement to shift and refocus to accommodate the expansion. This includes presenting novel architectures to support the ever-growing IPTV networks, examinations of computer viruses through epidemiology modeling, and evaluations of new routing schemes. In recent years, a greater usage of cyber-physical systems and a growing adoption of the Internet of Things (IoT) also contributes to an increased need for risk mitigation across varying types of networks, as discussed by the authors of \cite{baloyi_guidelines_2019}, \cite{allman_complying_2006}, and \cite{j_hale_compliance_nodate}. One approach for analyzing the large number of hosts and growing lists of exploits is to automate the generation of attack or compliance graphs for later use. Attack and compliance graphs are directed acyclic graphs (DAGs) that typically represent one or many systems as nodes in a graph, and any changes that could be made to them as edges. The automation of these graphs has been used and presented by authors such as \cite{ou_scalable_2006}, \cite{CPSIOT}, and \cite{ming_jo}. The graph generators will take system information and exploits to check for as input, and will exhaustively draw all possible ways that the systems may be at risk of a cybersecurity attack or at risk of violating a compliance regulation or mandate. If a system is able to be modified through a setting change (regardless of intent), have its compliance standing altered, or have a policy updated, an edge is drawn from that node to a new node with the changed system properties. This process is repeated until all possible alterations are identified and represented in the resulting attack or compliance graph.
Difficulties
This work attempts to further those efforts and extend RAGE to function on distributed computing environments to take advantage of the increased computing power using message-passing. As mentioned by the author of \cite{pacheco_introduction_2011}, MPI is the most widely used message-passing API, and one goal of this work was to utilize an API that was not only familiar and accessible, but versatile and powerful for parallelizing RAGE for distributed computing platforms. This work discusses a task parallelism approach for the generation process, and uses OpenMPI for the MPI implementation.
\section{Related Works}
For architectural and hardware techniques for general graph generation improvement, the authors of \cite{ainsworth_graph_2016} discuss the high cache miss rate, and how general prefetching
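Review bot: The bare line "Difficulties" sits between the new opening paragraph of the Introduction and the "This work attempts to further those efforts" paragraph, and as written it will typeset as stray body text. Either write the paragraph it stands for or turn it into a comment (`% TODO: Difficulties`) until it is written. Two smaller points in the same hunk: the following paragraph now opens with "those efforts" and "RAGE" without either being introduced in the visible text before it, so the missing paragraph probably needs to do that; and "authors such as \cite{ou_scalable_2006}, \cite{CPSIOT}, and \cite{ming_jo}" uses the citation as a noun, which reads poorly with numeric styles, and the runs of separate `\cite` commands could be merged into one, e.g. `\cite{9678822,7993827,8652334}`.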
@ -71,7 +75,7 @@ This work was continued by the authors of \cite{li_concurrency_2019} by implemen
Another approach for generation improvement is through parallelization. The authors of \cite{li_concurrency_2019} leverage OpenMP to parallelize the exploration of a FIFO queue. This parallelization also includes the utilization of OpenMP's dynamic scheduling. In this approach, each thread receives a state to explore, where a critical section is employed to handle the atomic functions of merging new state information while avoiding collisions, race conditions, or stale data usage. The authors measured a 10x speedup over the serial algorithm.
The authors of \cite{9150145} present a parallel generation approach using CUDA, where speedup is obtained through a large number of CUDA cores.
For a distributed approach, the authors of \cite{7087377} present a technique for utilizing reachability hyper-graph partitioning and a virtual shared memory abstraction to prevent duplicate work by multiple nodes. This work had promising results in terms of limiting the state-space explosion and speedup as the number of network hosts increases.
For a distributed approach, the authors of \cite{7087377} present a technique for utilizing reachability hyper-graph partitioning and a virtual shared memory abstraction to prevent duplicate work by multiple nodes. This work had promising results in terms of speedup and in limiting the state-space explosion as the number of network hosts increases.
\section{Necessary Components}
\subsection{Serialization}
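Review bot: In the reworded sentence on \cite{7087377}, "as the number of network hosts increases" now attaches only to "limiting the state-space explosion", so it is unclear whether the speedup was also measured against host count. State which results scale with the number of hosts, and, where the cited work reports one, give a figure in place of "promising results", as the paragraph above does with the 10x speedup for \cite{li_concurrency_2019}.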