Published: January 5, 2018
Author(s)
Changwei Liu (GMU), Anoop Singhal (NIST), Duminda Wijesekera (GMU)
Conference
Name: 14th IFIP WG 11.3 International Conference on Digital Forensics
Dates: 01/03/2018 - 01/05/2018
Location: New Delhi, India
Citation: Advances in Digital Forensics XIV, vol. 532, pp. 263-289
In this paper, we describe a layered graphical model to analyze the impact of cyber attacks on business processes and services. Our model has three layers: the upper layer models the business processes and their dependencies, the middle layer constructs attack scenarios using evidence in log files, and the lower layer reconstructs the missing attack steps using system calls. Based on the graph produced from the three layers, our model computes a quantitative impact on the business processes using the NIST vulnerability scoring system. A case study shows the usability of our model and how it can be applied both for forensic analysis and for mitigating the impact of cyber attacks on the enterprise infrastructure.
Keywords
mission impact; forensics analysis; cloud computing; attack graphs
Control Families
None selected