A Layered Graphical Model for Cloud Forensic and Mission Impact Analysis
Changwei Liu, Anoop Singhal, Duminda Wijesekera
In this paper, we describe a layered graphical model to analyze the impact of cyber attacks on business processes and services. Our model has three layers: the upper layer models the business processes and their dependencies. The middle layer constructs attack scenarios using evidences in a log files. The lower layer reconstructs the missing attack steps using system calls. Based on the graph produced from the three layers our model computes a quantitative impact on the business processes using the NIST vulnerability scoring system. A case study shows the usability of our model and how it can be applied for both forensic analysis and for mitigating the impact of cyber attacks on the enterprise infrastructure.
Advances in Digital Forensics XIV
January 3-5, 2018
New Delhi, -1
14th IFIP International Conference on Digital Forensics