![]() ![]() Moreover, the tool generates a graph of dependencies among exploits that represents all possible attack paths without having to enumerate them. The TVA tool includes modeling of network security conditions and attack techniques (exploits), automatic population of models via the Nessus vulnerability scanner, and analysis of exploit sequences (attack paths) leading to specific attack goals. It is ideal for inexpensive what-if analyses of the impact of various network configurations on overall network security. Our Topological Vulnerability Analysis (TVA) tool automates the labor-intensive type of analysis usually performed by penetration-testing experts. In this chapter, we describe a tool that implements an integrated, topological approach to network vulnerability analysis. That is, one must analyze how low-level vulnerabilities can be combined to achieve high-level attack goals. To understand overall vulnerability to network attack, one must consider attacker exploits not just in isolation, but also in combination. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |