Show simple item record

dc.contributor.advisorRichard P. Lippmann.en_US
dc.contributor.authorArtz, Michael Lyle, 1979-en_US
dc.contributor.otherMassachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.en_US
dc.date.accessioned2006-03-24T18:01:15Z
dc.date.available2006-03-24T18:01:15Z
dc.date.copyright2002en_US
dc.date.issued2002en_US
dc.identifier.urihttp://hdl.handle.net/1721.1/29899
dc.descriptionThesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2002.en_US
dc.descriptionIncludes bibliographical references (leaves 93-96).en_US
dc.description.abstractAttack scenario graphs provide a concise way of displaying all possible sequences of attacks a malicious user can execute to obtain a desired goal, such as remotely achieving root undetected on a critical host machine. NETSPA, the Network Security Planning Architecture, is a C++ system that quickly generates worst-case attack graphs using a forward-chaining depth-first search of the possible attack space using actions modeled with REM, a simple attack description language. NETSPA accepts network configuration information from a database that includes host and network software types and versions, intrusion detection system placement and types, network connectivity, and firewall rulesets. It is controlled by command line inputs that determine a critical goal state, trust relationships between hosts, and maximum recursive depth. NETSPA was shown to efficiently provide easily understood attack graphs that revealed non-obvious security problems against a realistic sample network of 17 representative hosts using 23 REM defined actions. The largest useful graph was generated within 1.5 minutes of execution. NETSPA-executes faster and handles larger networks than any existing graph generation system. This allows NETSPA to be practically used in combination with other security components to develop and analyze secure networks.en_US
dc.description.statementofresponsibilityby Michael Lyle Artz.en_US
dc.format.extent96 leavesen_US
dc.format.extent6148150 bytes
dc.format.extent6159472 bytes
dc.format.mimetypeapplication/pdf
dc.format.mimetypeapplication/pdf
dc.language.isoengen_US
dc.publisherMassachusetts Institute of Technologyen_US
dc.rightsM.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission.en_US
dc.rights.urihttp://dspace.mit.edu/handle/1721.1/7582
dc.subjectElectrical Engineering and Computer Science.en_US
dc.titleNetSPA : a Network Security Planning Architectureen_US
dc.title.alternativeNetwork Security Planning Architectureen_US
dc.typeThesisen_US
dc.description.degreeM.Eng.en_US
dc.contributor.departmentMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
dc.identifier.oclc51072296en_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record