A Layered Graphical Model for Cloud Forensic and Mission Impact Analysis

Published: February 01, 2019


Changwei Liu, Anoop Singhal, Duminda Wijesekera


In this paper, we describe a layered graphical model to analyze the impact of cyber attacks on business processes and services. Our model has three layers: the upper layer models the business processes and their dependencies. The middle layer constructs attack scenarios using evidences in a log files. The lower layer reconstructs the missing attack steps using system calls. Based on the graph produced from the three layers our model computes a quantitative impact on the business processes using the NIST vulnerability scoring system. A case study shows the usability of our model and how it can be applied for both forensic analysis and for mitigating the impact of cyber attacks on the enterprise infrastructure.
Proceedings Title: Advances in Digital Forensics XIV
Volume: 532
Conference Dates: January 3-5, 2018
Conference Location: New Delhi, -1
Conference Title: 14th IFIP International Conference on Digital Forensics
Pub Type: Conferences


Mission Impact, Forensics Analysis, Cloud Computing, Attack Graphs
Created February 01, 2019, Updated February 06, 2019