Building Computer Network Attacks

In this work we set the basis of a framework for modeling and building computer network attacks. The main purpose of this framework is to provide a tool for automating the risk assessment process, in particular penetration tests, providing a further step in the direction of a tool like Core Impact [Co02]. This work has also a theoretical value: "we understand what we can build." Our framework, considered as a functional model of the attacking process, will provide the community with a deeper and more detailed model of the attacks and intrusions of computer networks. Finally, it can be used by a system administrator to simulate attacks against his network, evaluate the vulnerabilities of the network and determine which countermeasures will make it safe. 1 After reviewing related work, we describe in the second section the components of our model-probabilistic assets, quantified goals, agents and actionsand their relations. In the third section we describe the principal applications of this model: automated planning of attacks and attack simulations.