MulVAL Project at Kansas State University

MulVAL stands for "Multi-host, Multi-stage Vulnerability Analysis Language". It is a research tool for security practitioners and system administrators to better manage the configuration of an enterprise network such that the security risks are appropriately controlled. Our goal is to design technologies for building a security knowledge base which can be utilized by various automated tools to enhance the quality and reduce the costs of enterprise network security management.

News

• MulVAL 1.0 released!.

People

• Simon Ou (Assistant Professor)
• John Homer (PhD)
• Su Zhang (PhD)
• Abhishek Rakshit (MS)
• Hussain Almohri (MS)
• Ashok Varikuti (MS)
• Dustin Seabourn (Undergraduate student)

Research Papers

1. MulVAL: A logic-based network security analyzer. Xinming Ou, Sudhakar Govindavajhala, and Andrew W. Appel. In 14th USENIX Security Symposium, Baltimore, Maryland, U.S.A., August 2005.
2. A logic-programming approach to network security analysis. Xinming Ou. PhD dissertation, Princeton University, 2005.
3. A scalable approach to attack graph generation. Xinming Ou, Wayne F. Boyer, and Miles A. McQueen. In 13th ACM Conference on Computer and Communications Security (CCS 2006), Alexandria, VA, U.S.A., October 2006.
4. Googling attack graphs. Reginald Sawilla and Xinming Ou. Technical report, Defence R & D Canada -- Ottawa. TM 2007-205, September 2007.
5. From attack graphs to automated configuration management - an iterative approach. John Homer, Xinming Ou, and Miles A. McQueen. Technical report, Kansas State University, Computing and Information Sciences Department. January 2008.
6. Improving attack graph visualization through data reduction and attack grouping. John Homer, Ashok Varikuti, Xinming Ou, and Miles A. McQueen. In 5th International Workshop on Visualization for Cyber Security (VizSEC 2008), Cambridge, MA, U.S.A., September 2008.
7. Identifying critical attack assets in dependency attack graphs. Reginald Sawilla and Xinming Ou. In 13th European Symposium on Research in Computer Security (ESORICS 2008), Malaga, Spain, October 2008. The extended version.
8. SAT-solving approaches to context-aware enterprise network security management. John Homer and Xinming Ou, In IEEE JSAC Special Issue on Network Infrastructure Configuration, Vol. 27, No. 3, April 2009. Preprint
9. Techniques for enterprise network security metrics. Anoop Singhal and Xinming Ou. Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies (CSIIRW) , Extended Abstract, April, 2009.
10. A host-based security assessment architecture for industrial control systems. Abhishek Rakshit and Xinming Ou. 2nd International Symposium on Resilient Control Systems (ISRCS), Idaho Falls, ID, USA, August 2009.
11. A sound and practical approach to quantifying security risk in enterprise networks. John Homer, Xinming Ou, and David Schmidt. Technical report, Kansas State University, Computing and Information Sciences Department. August 2009.
12. Uncertainty and risk management in cyber situational awareness. Jason Li, Xinming Ou, and Raj Rajagopalan. In Sushil Jajodia et al., editor, Cyber Situational Awareness: Issues and Research , chapter 4. Springer, Nov. 2009.
13. An empirical approach to modeling uncertainty in intrusion analysis. Xinming Ou, S. Raj Rajagopalan, and Sakthiyuvaraja Sakthivelmurugan. Annual Computer Security Applications Conference (ACSAC), Honolulu, Hawaii, USA, Dec 2009.
14. Using Bayesian Networks for cyber security analysis. Peng Xie, Jason H Li, Xinming Ou, Peng Liu, and Renato Levy. The 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2010), To appear. Preprint.

The documents contained in these pages are included to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.

Some materials presented in this web page are based upon work supported by the National Science Foundation under Grant No. 0716665. Any opinions, findings and conclusions or recomendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).