| Title | TAG: Topological Attack Graph Analysis Tool |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Małowidzki, Marek, Hermanowski, Damian, Bereziński, Przemysław |
| Conference Name | 2019 3rd Cyber Security in Networking Conference (CSNet) |
| Date Published | oct |
| Keywords | Attack Graphs, attack paths, composability, computer network security, corrective actions, cyber defense, cyber security, graph theory, inference mechanisms, multistage cyberattacks, MulVAL inference engine, Predictive Metrics, pubcrawl, Resiliency, security evaluation, security level estimation, security problems, situational awareness, tag, topological attack graph analysis tool |
| Abstract | Attack graphs are a relatively new - at least, from the point of view of a practical usage - method for modeling multistage cyber-attacks. They allow to understand how seemingly unrelated vulnerabilities may be combined together by an attacker to form a chain of hostile actions that enable to compromise a key resource. An attack graph is also the starting point for providing recommendations for corrective actions that would fix or mask security problems and prevent the attacks. In the paper, we propose TAG, a topological attack graph analysis tool designed to support a user in a security evaluation and countermeasure selection. TAG employs an improved version of MulVAL inference engine, estimates a security level on the basis of attack graph and attack paths scoring, and recommends remedial actions that improve the security of the analyzed system. |
| DOI | 10.1109/CSNet47905.2019.9108979 |
| Citation Key | malowidzki_tag_2019 |
TAG: Topological Attack Graph Analysis Tool