Abstract: A method for cyber sensing for power outage detection includes receiving a selected geographic region for detection and monitoring of power outages; gathering Internet Protocol (IP) network addresses of IP networks within the geographical region; filtering the gathered IP network addresses of IP networks within the geographical region, wherein the gathered IP network addresses of IP networks within the geographical region are referred to herein as geo-relevant IP network addresses; calculating a baseline value for each geo-relevant IP network; scanning the filtered geo-relevant IP network once per predefined time interval, so that each individual IP address within each geo-relevant IP network is tested for response and determining how many devices within the geo-relevant IP network positively respond to the testing; periodically repeating the step of scanning and comparing scan results; and displaying results of scanning.

Abstract: A method for cyber sensing for power outage detection includes receiving a selected geographic region for detection and monitoring of power outages; gathering Internet Protocol (IP) network addresses of IP networks within the geographical region; filtering the gathered IP network addresses of IP networks within the geographical region, wherein the gathered IP network addresses of IP networks within the geographical region are referred to herein as geo-relevant IP network addresses; calculating a baseline value for each geo-relevant IP network; scanning the filtered geo-relevant IP network once per predefined time interval, so that each individual IP address within each geo-relevant IP network is tested for response and determining how many devices within the geo-relevant IP network positively respond to the testing; periodically repeating the step of scanning and comparing scan results; and displaying results of scanning.

Abstract: Described are techniques used for assessing the security of a network. Pruned attack trees are generated using a forward chaining, breadth-first technique representing the attack paths of a possible attacker in the network. A vulnerability score is determined for each network and attacker starting point using attack loss values assigned to each host and information extracted from the attack tree(s) concerning compromised hosts. Different hypothetical alternatives may be evaluated to improve security of the network and each alternative may be evaluated by recomputing the network vulnerability score and comparing the recomputed score to the original network vulnerability score. Also disclosed is a method for determining end-to-end connectivity of a network. The resulting end-to-end connectivity information is used in generating the pruned attack tree.

Abstract: Described are techniques used for assessing the security of a network. Pruned attack trees are generated using a forward chaining, breadth-first technique representing the attack paths of a possible attacker in the network. A vulnerability score is determined for each network and attacker starting point using attack loss values assigned to each host and information extracted from the attack tree(s) concerning compromised hosts. Different hypothetical alternatives may be evaluated to improve security of the network and each alternative may be evaluated by recomputing the network vulnerability score and comparing the recomputed score to the original network vulnerability score. Also disclosed is a method for determining end-to-end connectivity of a network. The resulting end-to-end connectivity information is used in generating the pruned attack tree.