A Novel Approach for Analysis of Attack Graph
Title | A Novel Approach for Analysis of Attack Graph |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Yousefi, M., Mtetwa, N., Zhang, Y., Tianfield, H. |
Conference Name | 2017 IEEE International Conference on Intelligence and Security Informatics (ISI) |
Keywords | attack graph, Attack Graphs, Complexity theory, composability, computer network security, cyber security, graph theory, interconnections, IT infrastructure system, IT network scenario, Markov model, Markov processes, Metrics, multihost multistage vulnerability analysis, network configurations, network interconnectivities, Network security, network theory (graphs), Network topology, network vulnerabilities, Ports (Computers), Protocols, pubcrawl, resilience, Resiliency, security, security administrators, security attack graphs, security metrics, Servers, transition graph, vulnerability assessment |
Abstract | Attack graph technique is a common tool for the evaluation of network security. However, attack graphs are generally too large and complex to be understood and interpreted by security administrators. This paper proposes an analysis framework for security attack graphs for a given IT infrastructure system. First, in order to facilitate the discovery of interconnectivities among vulnerabilities in a network, multi-host multi-stage vulnerability analysis (MulVAL) is employed to generate an attack graph for a given network topology. Then a novel algorithm is applied to refine the attack graph and generate a simplified graph called a transition graph. Next, a Markov model is used to project the future security posture of the system. Finally, the framework is evaluated by applying it on a typical IT network scenario with specific services, network configurations, and vulnerabilities. |
URL | https://ieeexplore.ieee.org/document/8004866/ |
DOI | 10.1109/ISI.2017.8004866 |
Citation Key | yousefi_novel_2017 |