MulVAL Project at Kansas State University

MulVAL stands for "Multi-host, Multi-stage Vulnerability Analysis Language". It is a research tool for security practitioners and system administrators to better manage the configuration of an enterprise network such that the security risks are appropriately controlled. Our goal is to design technologies for building a security knowledge base which can be utilized by various automated tools to enhance the quality and reduce the costs of enterprise network configuration management.

People

• Simon Ou (Assistant Professor)
• John Homer (PhD)
• Abhishek Rakshit (MS)
• Hussain Almohri (MS)
• Sakthiyuvaraja Sakthivelmurugan (MS)
• Ashok Varikuti (MS)
• Cory Hardman (Undergraduate Student)

Research Papers about MulVAL

1. MulVAL: A logic-based network security analyzer. Xinming Ou, Sudhakar Govindavajhala, and Andrew W. Appel. In 14th USENIX Security Symposium, Baltimore, Maryland, U.S.A., August 2005.
2. A logic-programming approach to network security analysis. Xinming Ou. PhD thesis, Princeton University, 2005.
3. A scalable approach to attack graph generation. Xinming Ou, Wayne F. Boyer, and Miles A. McQueen. In 13th ACM Conference on Computer and Communications Security (CCS 2006), Alexandria, VA, U.S.A., October 2006.
4. Googling attack graphs. Reginald Sawilla and Xinming Ou. Technical report, Defence R & D Canada -- Ottawa
   TM 2007-205, September 2007.
5. From Attack Graphs to Automated Configuration Management - An Iterative Approach. John Homer, Xinming Ou, and Miles A. McQueen. Technical report, Kansas State University, Computing and Information Sciences Department. January 2008.
6. Improving Attack Graph Visualization through Data Reduction and Attack Grouping. John Homer, Ashok Varikuti, Xinming Ou, and Miles A. McQueen. In 5th International Workshop on Visualization for Cyber Security (VizSEC 2008), To appear.
7. Identifying Critical Attack Assets In Dependency Attack Graphs. Reginald Sawilla and Xinming Ou. In 13th European Symposium on Research in Computer Security (ESORICS 2008), To appear.

The documents contained in these pages are included to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

Some materials presented in this web page are based upon work supported by the National Science Foundation under Grant No. 0716665. Any opinions, findings and conclusions or recomendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).