Inferring the stealthy bridges between enterprise network islands in cloud using cross-layer bayesian networks

Xiaoyan Sun, Jun Dai, Anoop Singhal, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingChapter

1 Citation (Scopus)

Abstract

Enterprise networks are migrating to the public cloud to acquire computing resources for promising benefits in terms of efficiency, expense, and flexibility. Except for some public services, the enterprise network islands in cloud are expected to be absolutely isolated from each other. However, some “stealthy bridges” may be created to break such isolation due to two features of the public cloud: virtual machine image sharing and virtual machine co-residency. This paper proposes to use cross-layer Bayesian networks to infer the stealthy bridges existing between enterprise network islands. Prior to constructing cross-layer Bayesian networks, cloud-level attack graphs are built to capture the potential attacks enabled by stealthy bridges and reveal hidden possible attack paths. The result of the experiment justifies the crosslayer Bayesian network’s capability of inferring the existence of stealthy bridges given supporting evidence from other intrusion steps in a multistep attack.

Original languageEnglish (US)
Title of host publicationLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
PublisherSpringer Verlag
Pages3-23
Number of pages21
DOIs
StatePublished - Jan 1 2015

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume152
ISSN (Print)1867-8211

Fingerprint

Bayesian networks
Industry
Experiments
Virtual machine

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications

Cite this

Sun, X., Dai, J., Singhal, A., & Liu, P. (2015). Inferring the stealthy bridges between enterprise network islands in cloud using cross-layer bayesian networks. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (pp. 3-23). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 152). Springer Verlag. https://doi.org/10.1007/978-3-319-23829-6_1
Sun, Xiaoyan ; Dai, Jun ; Singhal, Anoop ; Liu, Peng. / Inferring the stealthy bridges between enterprise network islands in cloud using cross-layer bayesian networks. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST. Springer Verlag, 2015. pp. 3-23 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST).
@inbook{33533c1963c34fdaad4a7eae16a43c80,
title = "Inferring the stealthy bridges between enterprise network islands in cloud using cross-layer bayesian networks",
abstract = "Enterprise networks are migrating to the public cloud to acquire computing resources for promising benefits in terms of efficiency, expense, and flexibility. Except for some public services, the enterprise network islands in cloud are expected to be absolutely isolated from each other. However, some “stealthy bridges” may be created to break such isolation due to two features of the public cloud: virtual machine image sharing and virtual machine co-residency. This paper proposes to use cross-layer Bayesian networks to infer the stealthy bridges existing between enterprise network islands. Prior to constructing cross-layer Bayesian networks, cloud-level attack graphs are built to capture the potential attacks enabled by stealthy bridges and reveal hidden possible attack paths. The result of the experiment justifies the crosslayer Bayesian network’s capability of inferring the existence of stealthy bridges given supporting evidence from other intrusion steps in a multistep attack.",
author = "Xiaoyan Sun and Jun Dai and Anoop Singhal and Peng Liu",
year = "2015",
month = "1",
day = "1",
doi = "10.1007/978-3-319-23829-6_1",
language = "English (US)",
series = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST",
publisher = "Springer Verlag",
pages = "3--23",
booktitle = "Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST",
address = "Germany",

}

Sun, X, Dai, J, Singhal, A & Liu, P 2015, Inferring the stealthy bridges between enterprise network islands in cloud using cross-layer bayesian networks. in Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, vol. 152, Springer Verlag, pp. 3-23. https://doi.org/10.1007/978-3-319-23829-6_1

Inferring the stealthy bridges between enterprise network islands in cloud using cross-layer bayesian networks. / Sun, Xiaoyan; Dai, Jun; Singhal, Anoop; Liu, Peng.

Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST. Springer Verlag, 2015. p. 3-23 (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 152).

Research output: Chapter in Book/Report/Conference proceedingChapter

TY - CHAP

T1 - Inferring the stealthy bridges between enterprise network islands in cloud using cross-layer bayesian networks

AU - Sun, Xiaoyan

AU - Dai, Jun

AU - Singhal, Anoop

AU - Liu, Peng

PY - 2015/1/1

Y1 - 2015/1/1

N2 - Enterprise networks are migrating to the public cloud to acquire computing resources for promising benefits in terms of efficiency, expense, and flexibility. Except for some public services, the enterprise network islands in cloud are expected to be absolutely isolated from each other. However, some “stealthy bridges” may be created to break such isolation due to two features of the public cloud: virtual machine image sharing and virtual machine co-residency. This paper proposes to use cross-layer Bayesian networks to infer the stealthy bridges existing between enterprise network islands. Prior to constructing cross-layer Bayesian networks, cloud-level attack graphs are built to capture the potential attacks enabled by stealthy bridges and reveal hidden possible attack paths. The result of the experiment justifies the crosslayer Bayesian network’s capability of inferring the existence of stealthy bridges given supporting evidence from other intrusion steps in a multistep attack.

AB - Enterprise networks are migrating to the public cloud to acquire computing resources for promising benefits in terms of efficiency, expense, and flexibility. Except for some public services, the enterprise network islands in cloud are expected to be absolutely isolated from each other. However, some “stealthy bridges” may be created to break such isolation due to two features of the public cloud: virtual machine image sharing and virtual machine co-residency. This paper proposes to use cross-layer Bayesian networks to infer the stealthy bridges existing between enterprise network islands. Prior to constructing cross-layer Bayesian networks, cloud-level attack graphs are built to capture the potential attacks enabled by stealthy bridges and reveal hidden possible attack paths. The result of the experiment justifies the crosslayer Bayesian network’s capability of inferring the existence of stealthy bridges given supporting evidence from other intrusion steps in a multistep attack.

UR - http://www.scopus.com/inward/record.url?scp=84948148036&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84948148036&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-23829-6_1

DO - 10.1007/978-3-319-23829-6_1

M3 - Chapter

AN - SCOPUS:84948148036

T3 - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

SP - 3

EP - 23

BT - Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST

PB - Springer Verlag

ER -

Sun X, Dai J, Singhal A, Liu P. Inferring the stealthy bridges between enterprise network islands in cloud using cross-layer bayesian networks. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST. Springer Verlag. 2015. p. 3-23. (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST). https://doi.org/10.1007/978-3-319-23829-6_1