University of Minnesota. Home page.
One Stop | Directories | Search U of M
Institute of Technology

what's inside

About IT

Prospective students

Current students

Faculty & research

Outreach

Alumni & friends

Inventing Tomorrow

Site Index

College directory

Contact IT


Search IT and its departments

2004-05 Distinguished Women Scientists and Engineers Speakers Program

 

Jeannette Wing

President's Professor of Computer Science
Chair, Department of Computer Science
Carnegie Mellon University

Automatic Generation and Analysis of Attack Graphs

February 14
11:15 a.m.–12:15 p.m.
EE/CSci 3-125

Attack graphs represent the ways in which an adversary can exploit vulnerabilities to break into a system. System administrators analyze these attack graphs to understand where their system's weaknesses lie and to help decide which security measures will be effective to deploy. In practice, attack graphs are produced manually by Red Teams. Construction by hand, however, is tedious, error-prone, and
impractical for attack graphs larger than a hundred nodes. In this talk I present a technique, based on model checking, for generating attack graphs automatically. I also describe different analyses that system administrators can perform in trading off one security measure for another. These analyses can answer questions such as "Given a set of measures, what is a minimum subset needed to make this system safe?"

This work is joint with Somesh Jha and Oleg Sheyner.
 
©2005 Regents of the University of Minnesota. All rights reserved.
The University of Minnesota is an equal opportunity educator and employer.
Last modified on February 15, 2005