Contract No.: 285248 Strategic Objective

Download 1.78 Mb.

Page	7/54
Date	28.01.2017
Size	1.78 Mb.
	#8871

1 2 3 4 5 6 7 8 9 10 ... 54

3Security_Open_Specs_APIs

Security-Monitoring: Mulval Attack Path Engine Open API Specification
Security-Monitoring: Mulval Attack Path Engine Web Application Open API Specification
Security-Monitoring: Scored Attack Paths Open API Specification
Security-Monitoring:_Remediation_Open_API_Specification
Security-Monitoring: Service Level SIEM Open API Specification
Security-Monitoring: IoT Fuzzer Open API Specification
Security-Monitoring: Android Vulnerability Assessment Open API Specification
Identity Management Open API Specification
Privacy Open RESTful API Specification
Data Handling Open RESTful API Specification
Access Control Authorization Open RESTful API Specification
Context-based Security & Compliance Open RESTful API Specification
DBAnonymizer Open RESTful API Specification
Secure Storage Service Open API Specification
Content Based Security Open RESTful API Specification
Malware Detection Service Open API Specification
Android Flow Monitoring Open Specification

The WPL must add the new ones in R3 to the list. Tell him to do so if your GE is not listed

4Security-Monitoring: Mulval Attack Path Engine Open API Specification

4.1Introduction to the Mulval Attack Path Engine API

4.1.1Mulval Attack Path Engine API Core

This document provides a description of the available interface and presents adapters used by the MulVAL Attack Path Engine to import data files. The adapter transforms the data file to internal data in order to provide reporting and decision support in the context of the security monitoring G.E.

file:mulval_api_principe.png‎

Figure 1: principle of Mulval API The MulVAL Attack Path Engine API can be seen as a module. This module needs input to be processed and compute the results with certain available options. We can summarize as: Input: file required by the engine Engine: offers certain flexibility (options) of attack path computation Output: data file which can be consumed by the reporting, visualization and decision support components.

4.1.2Intended Audience

This document is addressed both software architects and developers, and the operators of MulVAL Attack Path Engine.

4.1.3API Change History

This version of the Mulval Attack Path API Guide replaces and obsoletes all previous versions. The most recent changes are described in the table below:

Revision Date	Changes Summary
August, 2012	V1.0, first release
Janauary, 2012	V1.1 release Nessus scanner supported Attack path generated from the file exported by the Nessus scanner.

4.1.4How to Read This Document

Along the document, some special notations are applied to differentiate some special words or concepts. The following list summarizes these special notations:

A bold, mono-spaced font is used to represent a module.
An italic font is used to represent an example

4.1.5Additional Resources

The attack path engine is an innovative way to assess security risk. The current API is provided in summary version. Academics publications regarding attack paths are available through the following links:

all references can found here:

MulVAL: A logic-based network security analyzer. Xinming Ou, Sudhakar Govindavajhala, and Andrew W. Appel. In 14th USENIX Security Symposium, Baltimore, Maryland, U.S.A., August 2005.

A logic-programming approach to network security analysis. Xinming Ou. PhD dissertation, Princeton University, 2005.

A scalable approach to attack graph generation. Xinming Ou, Wayne F. Boyer, and Miles A. McQueen. In 13th ACM Conference on Computer and Communications Security (CCS 2006), Alexandria, VA, U.S.A., October 2006.

Googling attack graphs. Reginald Sawilla and Xinming Ou. Technical report, Defence R & D Canada -- Ottawa. TM 2007-205, September 2007.

From attack graphs to automated configuration management - an iterative approach. John Homer, Xinming Ou, and Miles A. McQueen. Technical report, Kansas State University, Computing and Information Sciences Department. January 2008.

Improving attack graph visualization through data reduction and attack grouping. John Homer, Ashok Varikuti, Xinming Ou, and Miles A. McQueen. In 5th International Workshop on Visualization for Cyber Security (VizSEC 2008), Cambridge, MA, U.S.A., September 2008.

Identifying critical attack assets in dependency attack graphs. Reginald Sawilla and Xinming Ou. In 13th European Symposium on Research in Computer Security (ESORICS 2008), Malaga, Spain, October 2008. The extended version.

SAT-solving approaches to context-aware enterprise network security management. John Homer and Xinming Ou, In IEEE JSAC Special Issue on Network Infrastructure Configuration, Vol. 27, No. 3, April 2009. Preprint

Techniques for enterprise network security metrics. Anoop Singhal and Xinming Ou. Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies (CSIIRW) , Extended Abstract, April, 2009.

A host-based security assessment architecture for industrial control systems. Abhishek Rakshit and Xinming Ou. 2nd International Symposium on Resilient Control Systems (ISRCS), Idaho Falls, ID, USA, August 2009.

A sound and practical approach to quantifying security risk in enterprise networks. John Homer, Xinming Ou, and David Schmidt. Technical report, Kansas State University, Computing and Information Sciences Department. August 2009.

Uncertainty and risk management in cyber situational awareness. Jason Li, Xinming Ou, and Raj Rajagopalan. In Sushil Jajodia et al., editor, Cyber Situational Awareness: Issues and Research , chapter 4. Springer, Nov. 2009.

An empirical approach to modeling uncertainty in intrusion analysis. Xinming Ou, S. Raj Rajagopalan, and Sakthiyuvaraja Sakthivelmurugan. Annual Computer Security Applications Conference (ACSAC), Honolulu, Hawaii, USA, Dec 2009.

Download 1.78 Mb.

Share with your friends:

1 2 3 4 5 6 7 8 9 10 ... 54