Quantitative security analysis of a dynamic network system under lateral movement-based attacks

Title: Quantitative security analysis of a dynamic network system under lateral movement-based attacks
Publication Type: Journal Article
Year of Publication: 2019
Authors: Y Shi, X Chang, RJ Rodríguez, Z Zhang, and KS Trivedi
Journal: Reliability Engineering and System Safety
Volume: 183
Start Page: 213
Pagination: 213 - 225
Date Published: 03/2019
Abstract

Malicious lateral movement-based attacks have become a potential risk for many systems, bringing highly likely threats to critical infrastructures and national security. When launching this kind of attack, adversaries first compromise a fraction of the targeted system and then move laterally to the rest of the system until the whole system is infected. Various approaches were proposed to study and/or defend against lateral movement-based attacks. However, few of them studied transient behaviors of dynamic attacking and dynamic targeted systems. This paper aims to analyze the transient security of a dynamic network system under lateral movement-based attacks from the time that attack-related abnormity in the system is detected until mechanisms are designed and deployed to defend against attacks. We explore state-space modeling techniques to construct a survivability model for quantitative analysis. A phased piecewise constant approximation approach is also proposed to derive the formulas for calculating model state transient probabilities, with which we derive formulas for calculating metrics of interest. The proposed approach allows both model state transition rates and the number of model states to be time-varying during the system recovery. Numerical analysis is carried out for investigating the impact of various dynamic system parameters on system security.

DOI: 10.1016/j.ress.2018.11.022
Short Title: Reliability Engineering and System Safety