diff --git a/Bibliography.bib b/Bibliography.bib index 617e429..b393536 100644 --- a/Bibliography.bib +++ b/Bibliography.bib @@ -14,6 +14,63 @@ bibsource = {dblp computer science bibliography, https://dblp.org} } +@ARTICLE{7087377, + author={Kaynar, Kerem and Sivrikaya, Fikret}, + journal={IEEE Transactions on Dependable and Secure Computing}, + title={Distributed Attack Graph Generation}, + year={2016}, + volume={13}, + number={5}, + pages={519-532}, + doi={10.1109/TDSC.2015.2423682} +} + +@INPROCEEDINGS{LAPA, + author={Yi, Feng and Cai, Huang Yi and Xin, Fu Zheng}, + booktitle={2018 IEEE International Conference on Networking, Architecture and Storage (NAS)}, + title={A Logic-Based Attack Graph for Analyzing Network Security Risk Against Potential Attack}, + year={2018}, + volume={}, + number={}, + pages={1-4}, + doi={10.1109/NAS.2018.8515733} +} + +@INPROCEEDINGS{AG-Sample, + author={Subasi, Omer and Purohit, Sumit and Bhattacharya, Arnab and Chatterjee, Samrat}, + booktitle={2022 IEEE International Symposium on Technologies for Homeland Security (HST)}, + title={Impact-Driven Sampling Strategies for Hybrid Attack Graphs}, + year={2022}, + volume={}, + number={}, + pages={1-7}, + doi={10.1109/HST56032.2022.10025439} +} + + +@INPROCEEDINGS{GraphDB, + author={Simon-Nagy, Gabriella and Fleiner, Rita and Bánáti, Anna}, + booktitle={2022 IEEE 20th Jubilee International Symposium on Intelligent Systems and Informatics (SISY)}, + title={Attack Graph Implementation in Graph Database}, + year={2022}, + volume={}, + number={}, + pages={000127-000132}, + doi={10.1109/SISY56759.2022.10036309} +} + +@INPROCEEDINGS{Graph-DB, + author={Yuan, Bintao and Pan, Zulie and Shi, Fan and Li, Zhenhan}, + booktitle={2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)}, + title={An Attack Path Generation Methods Based on Graph Database}, + year={2020}, + volume={1}, + number={}, + pages={1905-1910}, + doi={10.1109/ITNEC48623.2020.9085039} +} + + @book{hursey2010coordinated, title={Coordinated checkpoint/restart process fault tolerance for MPI applications on HPC systems}, author={Hursey, Joshua}, @@ -77,7 +134,7 @@ file = {Graph Analysis With High-Performance Computing:/home/noah/Zotero/storage/T84DCNCC/Graph Analysis With High-Performance Computing.pdf:application/pdf}, } -@phdthesis{cook_rage_2018, +@mastersthesis{cook_rage_2018, title = {{RAGE}: {The} {Rage} {Attack} {Graph} {Engine}}, author = {Cook, Kyle}, school = {The {University} of {Tulsa}}, diff --git a/Schrick-Noah_AG-CG-CR.aux b/Schrick-Noah_AG-CG-CR.aux index 1951020..b98722f 100644 --- a/Schrick-Noah_AG-CG-CR.aux +++ b/Schrick-Noah_AG-CG-CR.aux @@ -37,9 +37,14 @@ \newlabel{sec:Intro}{{I}{1}{Introduction}{section.1}{}} \@writefile{toc}{\contentsline {section}{\numberline {II}Related Work}{1}{section.2}\protected@file@percent } \newlabel{sec:Rel-Works}{{II}{1}{Related Work}{section.2}{}} +\citation{GraphDB} +\citation{Graph-DB} \citation{ou_scalable_2006} +\citation{LAPA} \citation{cook_scalable_2016} \citation{li_concurrency_2019} +\citation{AG-Sample} +\citation{7087377} \citation{cook_rage_2018} \citation{li_concurrency_2019} \citation{li_combining_2019} @@ -57,7 +62,6 @@ \citation{CR-Simple} \bibdata{Bibliography} \bibcite{schneier_modeling_1999}{1} -\bibcite{j_hale_compliance_nodate}{2} \@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Time Taken to Checkpoint as the Size of the Instance Grows}}{4}{figure.2}\protected@file@percent } \newlabel{fig:inst-time}{{2}{4}{Time Taken to Checkpoint as the Size of the Instance Grows}{figure.2}{}} \@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces Time Taken to Checkpoint as the Size of the Frontier Grows}}{4}{figure.3}\protected@file@percent } @@ -65,7 +69,7 @@ \@writefile{lof}{\contentsline {figure}{\numberline {4}{\ignorespaces Time Taken to Restart as the Size of the Frontier Grows}}{4}{figure.4}\protected@file@percent } \newlabel{fig:front-rest-time}{{4}{4}{Time Taken to Restart as the Size of the Frontier Grows}{figure.4}{}} \@writefile{toc}{\contentsline {section}{\numberline {V}Conclusions and Future Work}{4}{section.5}\protected@file@percent } -\@writefile{toc}{\contentsline {section}{References}{4}{section*.1}\protected@file@percent } +\bibcite{j_hale_compliance_nodate}{2} \bibcite{cook_rage_2018}{3} \bibcite{berry_graph_2007}{4} \bibcite{zhang_boosting_2017}{5} @@ -76,9 +80,15 @@ \bibcite{SCR}{10} \bibcite{dmtcp}{11} \bibcite{BLCR}{12} -\bibcite{cook_scalable_2016}{13} -\bibcite{li_concurrency_2019}{14} -\bibcite{li_combining_2019}{15} -\bibcite{CR-Simple}{16} +\bibcite{GraphDB}{13} +\bibcite{Graph-DB}{14} +\bibcite{LAPA}{15} +\bibcite{cook_scalable_2016}{16} +\bibcite{li_concurrency_2019}{17} +\bibcite{AG-Sample}{18} +\bibcite{7087377}{19} +\bibcite{li_combining_2019}{20} +\bibcite{CR-Simple}{21} \bibstyle{ieeetr} +\@writefile{toc}{\contentsline {section}{References}{5}{section*.1}\protected@file@percent } \gdef \@abspage@last{5} diff --git a/Schrick-Noah_AG-CG-CR.bbl b/Schrick-Noah_AG-CG-CR.bbl index 68a0f7c..2c4b1e5 100644 --- a/Schrick-Noah_AG-CG-CR.bbl +++ b/Schrick-Noah_AG-CG-CR.bbl @@ -10,8 +10,8 @@ B.~Schneier, ``Modeling {Security} {Threats},'' {\em Dr. Dobb's Journal}, 1999. \newblock U.S. Patent Number 9,471,789, Oct. 18, 2016. \bibitem{cook_rage_2018} -K.~Cook, {\em {RAGE}: {The} {Rage} {Attack} {Graph} {Engine}}. -\newblock PhD thesis, The {University} of {Tulsa}, 2018. +K.~Cook, ``{RAGE}: {The} {Rage} {Attack} {Graph} {Engine},'' Master's thesis, + The {University} of {Tulsa}, 2018. \bibitem{berry_graph_2007} J.~Berry and B.~Hendrickson, ``Graph {Analysis} with {High} {Performance} @@ -58,6 +58,23 @@ J.~Ansel, K.~Arya, and G.~Cooperman, ``Dmtcp: Transparent checkpointing for J.~Duell, P.~H. Hargrove, and E.~S. Roman, ``Requirements for linux checkpoint/restart,'' 2 2002. +\bibitem{GraphDB} +G.~Simon-Nagy, R.~Fleiner, and A.~Bánáti, ``Attack graph implementation in + graph database,'' in {\em 2022 IEEE 20th Jubilee International Symposium on + Intelligent Systems and Informatics (SISY)}, pp.~000127--000132, 2022. + +\bibitem{Graph-DB} +B.~Yuan, Z.~Pan, F.~Shi, and Z.~Li, ``An attack path generation methods based + on graph database,'' in {\em 2020 IEEE 4th Information Technology, + Networking, Electronic and Automation Control Conference (ITNEC)}, vol.~1, + pp.~1905--1910, 2020. + +\bibitem{LAPA} +F.~Yi, H.~Y. Cai, and F.~Z. Xin, ``A logic-based attack graph for analyzing + network security risk against potential attack,'' in {\em 2018 IEEE + International Conference on Networking, Architecture and Storage (NAS)}, + pp.~1--4, 2018. + \bibitem{cook_scalable_2016} K.~Cook, T.~Shaw, J.~Hale, and P.~Hawrylak, ``Scalable attack graph generation,'' {\em Proceedings of the 11th Annual Cyber and Information @@ -68,6 +85,17 @@ M.~Li, P.~Hawrylak, and J.~Hale, ``Concurrency {Strategies} for {Attack} {Graph} {Generation},'' {\em Proceedings - 2019 2nd International Conference on Data Intelligence and Security, ICDIS 2019}, pp.~174--179, 2019. +\bibitem{AG-Sample} +O.~Subasi, S.~Purohit, A.~Bhattacharya, and S.~Chatterjee, ``Impact-driven + sampling strategies for hybrid attack graphs,'' in {\em 2022 IEEE + International Symposium on Technologies for Homeland Security (HST)}, + pp.~1--7, 2022. + +\bibitem{7087377} +K.~Kaynar and F.~Sivrikaya, ``Distributed attack graph generation,'' {\em IEEE + Transactions on Dependable and Secure Computing}, vol.~13, no.~5, + pp.~519--532, 2016. + \bibitem{li_combining_2019} M.~Li, P.~Hawrylak, and J.~Hale, ``Combining {OpenCL} and {MPI} to support heterogeneous computing on a cluster,'' {\em ACM International Conference diff --git a/Schrick-Noah_AG-CG-CR.blg b/Schrick-Noah_AG-CG-CR.blg index 7340040..072f99a 100644 --- a/Schrick-Noah_AG-CG-CR.blg +++ b/Schrick-Noah_AG-CG-CR.blg @@ -4,45 +4,45 @@ The top-level auxiliary file: Schrick-Noah_AG-CG-CR.aux The style file: ieeetr.bst Database file #1: Bibliography.bib Warning--empty journal in BLCR -You've used 16 entries, +You've used 21 entries, 1876 wiz_defined-function locations, - 564 strings with 6509 characters, -and the built_in function-call counts, 3570 in all, are: -= -- 330 -> -- 158 + 596 strings with 7573 characters, +and the built_in function-call counts, 5310 in all, are: += -- 495 +> -- 216 < -- 0 -+ -- 59 -- -- 43 -* -- 230 -:= -- 528 -add.period$ -- 19 -call.type$ -- 16 -change.case$ -- 14 ++ -- 80 +- -- 59 +* -- 347 +:= -- 749 +add.period$ -- 23 +call.type$ -- 21 +change.case$ -- 20 chr.to.int$ -- 0 -cite$ -- 17 -duplicate$ -- 187 -empty$ -- 364 -format.name$ -- 43 -if$ -- 865 +cite$ -- 22 +duplicate$ -- 286 +empty$ -- 542 +format.name$ -- 59 +if$ -- 1310 int.to.chr$ -- 0 -int.to.str$ -- 16 -missing$ -- 14 -newline$ -- 55 -num.names$ -- 16 -pop$ -- 75 +int.to.str$ -- 21 +missing$ -- 19 +newline$ -- 69 +num.names$ -- 21 +pop$ -- 103 preamble$ -- 1 purify$ -- 0 quote$ -- 0 -skip$ -- 100 +skip$ -- 176 stack$ -- 0 -substring$ -- 171 -swap$ -- 57 +substring$ -- 311 +swap$ -- 101 text.length$ -- 0 text.prefix$ -- 0 top$ -- 0 type$ -- 0 warning$ -- 1 -while$ -- 32 -width$ -- 18 -write$ -- 141 +while$ -- 47 +width$ -- 23 +write$ -- 188 (There was 1 warning) diff --git a/Schrick-Noah_AG-CG-CR.log b/Schrick-Noah_AG-CG-CR.log index 32e8b47..d47e404 100644 --- a/Schrick-Noah_AG-CG-CR.log +++ b/Schrick-Noah_AG-CG-CR.log @@ -1,4 +1,4 @@ -This is pdfTeX, Version 3.141592653-2.6-1.40.25 (TeX Live 2023/Arch Linux) (preloaded format=pdflatex 2023.4.3) 25 APR 2023 01:12 +This is pdfTeX, Version 3.141592653-2.6-1.40.25 (TeX Live 2023/Arch Linux) (preloaded format=pdflatex 2023.4.3) 25 APR 2023 02:18 entering extended mode restricted \write18 enabled. %&-line parsing enabled. @@ -503,73 +503,69 @@ ts/enc/dvips/base/8r.enc} ] -LaTeX Font Info: Trying to load font information for U+msa on input line 72. - - (/usr/share/texmf-dist/tex/latex/amsfonts/umsa.fd -File: umsa.fd 2013/01/14 v3.01 AMS symbols A -) -LaTeX Font Info: Trying to load font information for U+msb on input line 72. - - -(/usr/share/texmf-dist/tex/latex/amsfonts/umsb.fd -File: umsb.fd 2013/01/14 v3.01 AMS symbols B -) -<./images/checkpoint.png, id=91, 755.82375pt x 402.50375pt> +<./images/checkpoint.png, id=96, 755.82375pt x 402.50375pt> File: ./images/checkpoint.png Graphic file (type png) -Package pdftex.def Info: ./images/checkpoint.png used on input line 83. +Package pdftex.def Info: ./images/checkpoint.png used on input line 79. (pdftex.def) Requested size: 252.0pt x 134.19624pt. -Underfull \hbox (badness 3158) in paragraph at lines 89--94 +Underfull \hbox (badness 3158) in paragraph at lines 85--90 \OT1/ptm/m/it/10 1) Memory Constraint Difficulties: [][][] \OT1/ptm/m/n/10 Whi le the design [] +LaTeX Font Info: Trying to load font information for U+msa on input line 100 +. +(/usr/share/texmf-dist/tex/latex/amsfonts/umsa.fd +File: umsa.fd 2013/01/14 v3.01 AMS symbols A +) +LaTeX Font Info: Trying to load font information for U+msb on input line 100 +. -Underfull \hbox (badness 10000) in paragraph at lines 102--108 +(/usr/share/texmf-dist/tex/latex/amsfonts/umsb.fd +File: umsb.fd 2013/01/14 v3.01 AMS symbols B +) +Underfull \hbox (badness 10000) in paragraph at lines 98--104 \OT1/ptm/m/it/10 2) Implementation: [][][] \OT1/ptm/m/n/10 Rather than only a static [] [2 <./images/checkpoint.png>] -Underfull \hbox (badness 4660) in paragraph at lines 124--129 +Underfull \hbox (badness 4660) in paragraph at lines 120--125 \OT1/ptm/m/it/10 3) Portability: [][][] \OT1/ptm/m/n/10 The checkpointing proc ess is greatly [] [3] -<./images/instance_time.png, id=116, 606.265pt x 341.275pt> +<./images/instance_time.png, id=123, 606.265pt x 341.275pt> File: ./images/instance_time.png Graphic file (type png) -Package pdftex.def Info: ./images/instance_time.png used on input line 140. +Package pdftex.def Info: ./images/instance_time.png used on input line 136. (pdftex.def) Requested size: 252.0pt x 141.8556pt. -<./images/frontier_checkpoint_time.png, id=118, 607.26875pt x 341.275pt> +<./images/frontier_checkpoint_time.png, id=125, 607.26875pt x 341.275pt> File: ./images/frontier_checkpoint_time.png Graphic file (type png) Package pdftex.def Info: ./images/frontier_checkpoint_time.png used on input l -ine 149. +ine 145. (pdftex.def) Requested size: 252.0pt x 141.61606pt. -<./images/frontier_restart_time.png, id=120, 606.265pt x 341.275pt> +<./images/frontier_restart_time.png, id=127, 606.265pt x 341.275pt> File: ./images/frontier_restart_time.png Graphic file (type png) Package pdftex.def Info: ./images/frontier_restart_time.png used on input line - 158. + 154. (pdftex.def) Requested size: 252.0pt x 141.8556pt. -Underfull \hbox (badness 1622) in paragraph at lines 164--165 +Underfull \hbox (badness 1622) in paragraph at lines 160--161 \OT1/ptm/m/n/10 function calls or snapshots that are required. The C/R [] -Underfull \vbox (badness 1776) has occurred while \output is active [] - - -Underfull \hbox (badness 2150) in paragraph at lines 166--167 +Underfull \hbox (badness 2150) in paragraph at lines 162--163 \OT1/ptm/m/n/10 checkpoint times and sizes, as well as time taken to [] -Underfull \hbox (badness 1565) in paragraph at lines 166--167 +Underfull \hbox (badness 1565) in paragraph at lines 162--163 \OT1/ptm/m/n/10 settings to alter or enable, or communication strategies [] @@ -609,24 +605,21 @@ Package rerunfilecheck Info: File `Schrick-Noah_AG-CG-CR.out' has not changed. (rerunfilecheck) Checksum: CC85FF3DB94FE8393E2ED734D36908F3;1379. ) Here is how much of TeX's memory you used: - 12075 strings out of 476025 - 191404 string characters out of 5796533 + 12086 strings out of 476025 + 191517 string characters out of 5796533 1871388 words of memory out of 5000000 - 32330 multiletter control sequences out of 15000+600000 + 32336 multiletter control sequences out of 15000+600000 544489 words of font info for 89 fonts, out of 8000000 for 9000 1141 hyphenation exceptions out of 8191 - 75i,8n,76p,1314b,592s stack positions out of 5000i,500n,10000p,200000b,80000s + 75i,8n,76p,1431b,588s stack positions out of 5000i,500n,10000p,200000b,80000s < -/usr/share/texmf-dist/fonts/type1/urw/times/utmbi8a.pfb> -Output written on Schrick-Noah_AG-CG-CR.pdf (5 pages, 208554 bytes). +texmf-dist/fonts/type1/urw/times/utmb8a.pfb>< +/usr/share/texmf-dist/fonts/type1/urw/times/utmri8a.pfb> +Output written on Schrick-Noah_AG-CG-CR.pdf (5 pages, 185791 bytes). PDF statistics: - 184 PDF objects out of 1000 (max. 8388607) - 151 compressed objects within 2 object streams - 37 named destinations out of 1000 (max. 500000) + 179 PDF objects out of 1000 (max. 8388607) + 152 compressed objects within 2 object streams + 42 named destinations out of 1000 (max. 500000) 109 words of extra memory for PDF output out of 10000 (max. 10000000) diff --git a/Schrick-Noah_AG-CG-CR.pdf b/Schrick-Noah_AG-CG-CR.pdf index deffebd..8634204 100644 Binary files a/Schrick-Noah_AG-CG-CR.pdf and b/Schrick-Noah_AG-CG-CR.pdf differ diff --git a/Schrick-Noah_AG-CG-CR.tex b/Schrick-Noah_AG-CG-CR.tex index a5c1678..2d43fe4 100644 --- a/Schrick-Noah_AG-CG-CR.tex +++ b/Schrick-Noah_AG-CG-CR.tex @@ -67,11 +67,7 @@ Due to the runtime requirements and scalability challenges imposed by graph gene \section{Related Work} \label{sec:Rel-Works} Numerous efforts have been presented for C/R techniques with various categories available. The authors of \cite{CR-Survey} and \cite{hursey2010coordinated} discuss three categories of C/R, which include application-level, user-level, and system-level. Each approach draws upon advantages that appeal toward different aspects of reliability. User-level checkpointing, though has greater simplicity, results in larger checkpoints. System-level requires compatibility with the operating system and any libraries used for the application. Application-level checkpointing requires additional work for the implementation, but resuls in smaller, faster C/R. The authors of \cite{SCR} present the SCR (Scalable Checkpoint/Restart) library, which has seen widespread adoption due to its minimal overhead. DMTCP (Distributed MultiThreaded Checkpointing) \cite{dmtcp} and BLCR (Berkely Lab Checkpoint/Restart) \cite{BLCR} are two other commonly-used C/R approaches. -Other investigations into attack and compliance graphs attempt to improve performance and scalability to mitigate state space explosion or lengthy runtimes, rather than focus on C/R. As a means of improving scalability of attack graphs themselves, the authors of \cite{ou_scalable_2006} present a new representation scheme. Traditional attack graphs encode the entire network at each state, -but the representation presented by the authors uses logical statements to represent a portion of the network at each node. This is called a logical attack graph. This approach led to the reduction of the generation process -to quadratic time and reduced the number of nodes in the resulting graph to $\mathcal{O}({n}^2)$. However, this approach does require more analysis for identifying attack vectors. Another approach -presented by the authors of \cite{cook_scalable_2016} represents a description of systems and their qualities and topologies as a state, with a queue of unexplored states. This work was continued by the -authors of \cite{li_concurrency_2019} by implementing a hash table among other features. Each of these works demonstrates an improvement in scalability through refining the desirable information output. +Other investigations into attack and compliance graphs attempt to improve performance and scalability to mitigate state space explosion or lengthy runtimes, rather than focus on C/R. These investigations include the works by the authors of \cite{GraphDB}, which implement attack graph methodologies using Neo4j for efficient storage techniques. This approach has seen other implementations, such as that shown by the authors of \cite{Graph-DB}. Other attack graph scalability studies involve the alteration of the representation schemes. The authors of \cite{ou_scalable_2006} make use of logical statements for logical attack graphs. This approach has seen continued investigations, and similar logic-based attack graphs can be seen in the work presented by the authors of \cite{LAPA}. These logical based attack graphs aim to improve scalability by minimizing the resulting information. Other representation schemes include those seen by the authors of \cite{cook_scalable_2016} and the authors of \cite{li_concurrency_2019}, which make use of qualities and topologies through graph states. Scalability improvements have also been examined through sampling, such as the approach presented by the authors of \cite{AG-Sample}. Parallelization techniques have been investigated for runtime improvement, and successful results have been seen in the work by the authors of \cite{7087377}. \section{Methodology} \subsection{Checkpointing}