The system analyzed is, at present, not compromisable; however, the probability that a threat agent achieves its goal is high.
It would be worthwhile to observe the vulnerability state of the various components at fixed intervals (for example every 3 months) in order to verify the soundness of the simulations performed. Considering the frequency and the difficulty of the attacks against the various components, monitoring of at least the CMS component is recommended.
[Figure: bar chart with one series per patch scenario (No patch, Patch 90, Patch 605, Patch 516, Patch 273, Patch 410), vertical axis 0 to 300, and one group per attack path: web component Joomla only; proxy + server4 + switch components; proxy + adm + switch components; browser + server4 + switch components; browser + adm + switch components; proxy + adm + ssh components; browser + adm + ssh components; proxy + server4 + db components; proxy + adm + db components; browser + server4 + db components; browser + adm + db components; web + router + switch components.]
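As an added example (not code from the thesis or from Haruspex2), the following Python script implements the periodic check recommended above: it scores each component's findings with the CVSS v2 base-score equations, ranks the components so the analyst can see which one (the CMS in the case study) deserves monitoring, and reports which components changed between two scans taken some months apart. The weights and equations are those of the CVSS v2 base score; the component names follow the case study, while the vulnerability vectors and the two scan snapshots are constructed for illustration and are not findings from the system analyzed. The Haruspex2 input format is not reproduced here, so the output is a plain ranking rather than a Haruspex input file.

```python
"""Rank components by CVSS v2 base score and diff two scan snapshots.

Added example, not code from the thesis or from Haruspex2. The weights and
equations are those of the CVSS v2 base score. Component names follow the
case study; the vulnerability vectors and the two snapshots below are
constructed for illustration, not findings from the system analyzed.
"""
from decimal import Decimal, ROUND_HALF_UP

# CVSS v2 base metric weights (CVSS v2 specification).
WEIGHTS = {
    "AV": {"L": 0.395, "A": 0.646, "N": 1.0},     # access vector
    "AC": {"H": 0.35, "M": 0.61, "L": 0.71},      # access complexity
    "Au": {"M": 0.45, "S": 0.56, "N": 0.704},     # authentication
    "C": {"N": 0.0, "P": 0.275, "C": 0.660},      # confidentiality impact
    "I": {"N": 0.0, "P": 0.275, "C": 0.660},      # integrity impact
    "A": {"N": 0.0, "P": 0.275, "C": 0.660},      # availability impact
}


def parse_vector(vector):
    """Parse 'AV:N/AC:L/Au:N/C:P/I:P/A:P' into {metric: weight}.

    Rejects vectors with missing metrics or unknown values instead of
    silently scoring them, so a malformed scanner export is noticed.
    """
    weights = {}
    for part in vector.split("/"):
        metric, _, value = part.partition(":")
        if metric not in WEIGHTS or value not in WEIGHTS[metric]:
            raise ValueError(f"unknown metric/value {part!r} in {vector!r}")
        weights[metric] = WEIGHTS[metric][value]
    missing = [m for m in WEIGHTS if m not in weights]
    if missing:
        raise ValueError(f"missing metrics {missing} in {vector!r}")
    return weights


def _round1(x):
    # CVSS rounds to one decimal, half up; avoid Python's banker's rounding.
    return float(Decimal(str(x)).quantize(Decimal("0.1"), rounding=ROUND_HALF_UP))


def base_score(vector):
    """CVSS v2 base score (0.0 to 10.0) for a base-metric vector string."""
    w = parse_vector(vector)
    impact = 10.41 * (1 - (1 - w["C"]) * (1 - w["I"]) * (1 - w["A"]))
    exploitability = 20 * w["AV"] * w["AC"] * w["Au"]
    f_impact = 0.0 if impact == 0 else 1.176
    return _round1((0.6 * impact + 0.4 * exploitability - 1.5) * f_impact)


def component_summary(findings):
    """findings: iterable of (component, vector) -> {component: (max_score, count)}."""
    summary = {}
    for component, vector in findings:
        score = base_score(vector)
        best, count = summary.get(component, (0.0, 0))
        summary[component] = (max(best, score), count + 1)
    return summary


def rank_components(findings):
    """Components ordered by worst base score, then by number of findings."""
    summary = component_summary(findings)
    return sorted(summary, key=lambda c: summary[c], reverse=True)


def changed_components(previous, current):
    """Components whose worst score or finding count differ between two scans."""
    before, after = component_summary(previous), component_summary(current)
    return sorted(c for c in set(before) | set(after) if before.get(c) != after.get(c))


# Constructed snapshots (hypothetical vectors, not real findings).
SCAN_Q1 = [
    ("cms", "AV:N/AC:L/Au:N/C:P/I:P/A:P"),   # 7.5
    ("cms", "AV:N/AC:M/Au:N/C:N/I:P/A:N"),   # 4.3
    ("ssh", "AV:N/AC:H/Au:N/C:P/I:N/A:N"),   # 2.6
    ("db", "AV:L/AC:L/Au:S/C:P/I:P/A:P"),    # 4.3
]
# Three months later the CMS has gained a remotely exploitable full compromise.
SCAN_Q2 = SCAN_Q1 + [("cms", "AV:N/AC:L/Au:N/C:C/I:C/A:C")]  # 10.0

if __name__ == "__main__":
    for component in rank_components(SCAN_Q1):
        print(component, component_summary(SCAN_Q1)[component])
    print("changed since last scan:", changed_components(SCAN_Q1, SCAN_Q2))
```

Ranking by the worst score first (and only then by finding count) matches the way the thesis weighs attack difficulty over attack frequency: a single remotely exploitable full compromise on the CMS outranks several low-severity issues elsewhere. A scanner export with a truncated or mistyped vector raises an error rather than being scored as harmless.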
6 General conclusions
Haruspex2 shows excellent performance in running the simulations and is easy to use. The output analysis phase is also made straightforward by external tools such as R and OpenOffice. The greatest difficulty for the analyst lies in producing the input data, which requires a good deal of care and meticulousness.
Other theses currently in progress are addressing this problem, so that the results of a vulnerability scan of the system can be supplied as input. Producing suitable interface tools would be a significant step towards automating the risk analysis of ICT systems.
This thesis has shown how the various standard methodologies can be used together to obtain a better analysis. In the analysis of the real-world case, many concepts and definitions from CVSS were used. This suggests a possible integration between CVSS and Haruspex, along the lines of what is described in Section 2.7.1, which describes a