Measuring Security Risk in Enterprise Networks

Project Publications

Publications:

• Daniel Borbor, Lingyu Wang, Sushil Jajodia, Anoop Singhal,"Securing Networks Against Unpatchable and Unknown Vulnerabilities Using Hetrogeneous Hardening Options", 31st IFIP Conference on Data and Application Security and Privacy (DBSEC 2017), Philadelphia, Pennsylvania, July 19-21, 2017.

• Xiaoyan Sun, Anoop Singhal, Peng Liu,"Towards Actionable Mission Impact Assessment in the Context of Cloud Computing", 31st IFIP Conference on Data and Application Security and Privacy (DBSEC 2017), Philadelphia, Pennsylvania, July 19-21, 2017.

• Changwei Liu, Anoop Singhal, Duminda Wijesekera, "Identifying Evidence for Implementing a Cloud Forensic Analysis Framework", Advances in Digital Forensics XIII, Orlando, Florida, January 30 - February 1, 2017.

• D. Borbor, L. Wang, S. Jajodia, A. Singhal, "Diversifying Networks under cost constraints for better Resilience against Unknown Attacks", 30th IFIP Conference on Data and Application Security and Privacy, Trento, Italy, July 18-21, 2016.
• X. Sun, J. Dai, A. Singhal, P. Liu and J. Yen, "Towards Probabilistic Identification of Zero-day Attack Paths", Accepted for IEEE Conference on Communication and Network Security, Philadelphia, October 17-19, 2016.
• C. Liu, A. Singhal, D. Wijesekara, “A Probabilistic Network Forensics Model for Evidence Analysis”, IFIP International Conference on Digital Forensics, New Delhi, India, January 4-6, 2016.
• X. Sun, A. Singhal, P. Liu, “Who Touched My Mission: Towards Probabilistic Mission Impact Assessment”, ACM Workshop on Automated Decision Making for Active Cyber Defense, October 12, 2015, Denver, Colorado.
• C. Liu, A. Singhal, D. Wijesekara, “A Logic Based Network Forensics Model for Evidence Analysis”, IFIP International Conference on Digital Forensics, Orlando, Florida, January 24-26 2015.
• X. Sun, J. Dai, A. Singhal and P. Liu, “Inferring the Stealthy Bridges Between Enterprise Network Islands in Cloud Using Cross Layer Bayesian Networks”, Tenth International Conference on Security in Communication Networks, Beijing, Sept. 24-26 2014
• L. Wang, M. Zhang, A. Singhal, S. Jajodia and M. Albanese, "Modeling Network Diversity for Evaluating the Robustness of Networks against Zero Day Attacks", European Symposium on Research in Computer Security (ESORICS), Wroclaw, Sept. 7-11 2014.
• C. Liu, A. Singhal and D. Wijesekera, "A Reasoning Based Model towards Using Evidence from Security Events for Network Forensics Analysis", International Workshop on Security of Information Systems, Lisbon, April 27, 2014.
• Wang, S. Jajodia, A. Singhal, P. Cheng and S. Noel, “K Zero Day Safety: A Network Security Metric for Measuring the Risk of Unknown Vulnerabilities”, IEEE Transactions on Dependable and Secure Computing (TDSC) October 2013.
• C. Liu, A. Singhal, D. Wijesekara, "Merging Evidence Sub Graphs to an Integrated Evidence Graph for Network Forensics Analysis", The Ninth Annual IFIP WG 11.9 International Conference on Digital Forensics, Orlando, January 2013.
• P. Cheng, L. Wang, S. Jajodia, A. Singhal, "Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics", 31st IEEE International Conference on Reliable and Distributed Systems, Irvine, October 2012
• C. Liu, A. Singhal, D. Wijesekara, "Using Attack Graphs in Forensics Examination", The Fifth International Workshop on Digital Forensics (WSDF 2012), Prague, August 2012.
• R. Zhuag, S. Zhang, A. Singhal, S. Deloach, X. Ou, "Simulation-based Approaches to Studying Effectiveness of Moving Target Network Defense", National Symposium on Moving Target Defense, Annapolis, MD, June 2012.
• Singhal, Ou, Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs, NISTIR 7788, September 2011
• S. Zhang, X. Ou, A. Singhal, J. Homer “An Empirical Study of a Vulnerability Aggregation Method”. The 2011 World Congress in Computer Science, Special Track on Security and Mission Assurance, Las Vegas, July 2011.
• Wang, Singhal, Jajodia, Noel, "k-Zero Day Safety: Measuring the Security Risk of Networks against Unknown Attacks", European Symposium on Research in Computer Security (ESORICS) September 2010.
• A. Singhal and D. Wijesekara, “Ontologies for Modeling Enterprise Level Security Metrics”, 6th Annual Cyber Security and Information Intelligence Research Workshop, Oakridge National Labs, Oarkridge, April 21-23, 2010.
• A. Singhal and S. Xou, "Techniques for Enterprise Network Security Metrics", Proceedings of 2009 Cyber Security and Information Intelligence Research Workshop, Oakridge National Labs, Oarkridge, April 2009.
• Frigault, Wang, Singhal, Jajodia, "Measuring Network Security Using Dynamic Bayesian Networks", ACM Workshop on Quality of Protection, October 2008.
• L. Wang, A. Singhal and S. Jajodia, "An Attack Graph Based Probablistic Security Metrics", In Proceedings of 22nd IFIP WG 11.3 Working Conference on Data and Application Security (DBSEC 2008), London, UK, July 2008.
• "Forensic Web Services", Fourth Annual IFIP WG 11.9 International Conference on Digital Forensics, Kyoto, Japan, January 27-30 2008.
• "Towards Measuring Network Security Using Attack Graphs", In Proceedings of 2007 ACM Workshop on Quality of Protection, October 29, 2007.
• "Measuring the Overall Security of Network Configurations Using Attack Graphs". DBSec 2007: 98-112. Lingyu Wang, Anoop Singhal, Sushil Jajodia.
• "Web Services Security: Challenges and Techniques". POLICY 2007: 282.
  (Note: You will be leaving NIST & CSRC webserver after clicking the POLICY 2007 link)
• "Data Warehousing and Data Mining Techniques for Intrusion Detection Systems", Journal of Distributed and Parallel Databases, Volume 20, Number 2, pp. 149-166, September 2006.
• "Interactive Analysis of Attack Graphs with Relational Queries", Proceedings of the 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, pages 119-132, SAP Labs, Sophia Antipolis, France, July 31-August 2, 2006
• "Semantic Aware Data Protection in Web Services", Proceedings of IEEE Workshop on Web Services Security held in Berkeley, CA, May 2006.
• "Data Modeling and Data Warehousing Techniques to Improve IDS", Work in Progress Paper presented at the 21st Annual Computer Security Applications Conference (ACSAC), December, 2005.
• "A Data Model and Architecture for Critical Infrastructure Protection", Conference on R&D Partnerships in Homeland Security, Boston, April 2005.
• "Data Mining for Intrusion Detection" (with Prof. S. Jajodia) A chapter in "Handbook of Data Mining", Kluwer Publishers December 2004.
• "Design of a Data Warehouse System for Network/Web Services", Proceedings of ACM Conference on Information and Knowledge Management (CIKM) November 2004.