Attack Graph Generation with Machine Learning for Network Security

Koo, Ki-Jong; Moon, Daesung; Jung, Se-Hoon; Lee, Hansung

doi:10.3390/electronics11091332

Cited by 6 publications

(5 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Attack Tree from [16] overview of the automatic generation of Attack Models than the other surveys, since it is the first survey focusing on this particular field. To be more specific, the automatic generation of Attack Trees is only studied in [39], where all the papers referring to Attack Graphs are not considered- [3], [6], [13], [14], [18], [28], [29], [34]- [37], we consider all of the above papers. Also, the following papers which generate Attack Tree are not considered- [7], [12], [17], [22], [32] in [39], we on the other hand consider all the papers mentioned above.…”

Section: Related Workmentioning

confidence: 99%

“…None of the papers in this category are presenting proofs or the scalability of their approach. Koo et al [18] introduces a method to support the generation of an attack graph using Deep Learning and Machine Learning. The final model takes as an input the network topology and the system information.…”

Section: E Artificial Intelligencementioning

confidence: 99%

“…The authors at [18] present an easy and cheap method for generating Attack Graphs, but they explicitly state that it is applicable to small organizations. This is not the usual case nowadays, since we are surrounded by huge systems and organizations.…”

Section: E Artificial Intelligencementioning

confidence: 99%

See 2 more Smart Citations

A Survey of Automatic Generation of Attack Trees and Attack Graphs

Konsta¹,

Spiga²,

Lafuente³

et al. 2023

Preprint

View full text Add to dashboard Cite

Graphical security models constitute a well-known, user-friendly way to represent the security of a system. These class of models are used by security experts to identify vulnerabilities and assess the security of a system. The manual construction of these models can be tedious, especially for large enterprises. Consequently, the research community is trying to address this issue by proposing methods for the automatic generation of such models. In this work, we present a survey illustrating the current status of the automatic generation of two kinds of graphical security models -Attack Trees and Attack Graphs. The goal of this survey is to present the current methodologies used in the field, compare them and present the challenges and future directions for the research community.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: E Artificial Intelligencementioning

confidence: 99%

See 1 more Smart Citation

A Survey of Automatic Generation of Attack Trees and Attack Graphs

Konsta¹,

Spiga²,

Lafuente³

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…When implementing an attack, it needs to meet certain conditions, such as reachability and accessibility. Note that the security knowledge base needs to fully express the conditions for vulnerability exploitation and the risk factors after the successful exploitation of vulnerabilities, which are often expressed through attack graphs in mainstream approaches [17].…”

Section: Ontology Design For Defense Strategy Recommendationsmentioning

confidence: 99%

Towards Real-Time Warning and Defense Strategy AI Planning for Cyber Security Systems Aided by Security Ontology

Liu

Guo

2022

Electronics

View full text Add to dashboard Cite

Cyber security systems generally have the phenomena of passive defense and low-efficiency early warnings. Aiming at the above problems, this study proposes a real-time warning and plans an AI defense strategy for a cyber security system aided by a security ontology. First, we design a security defense ontology that integrates attack graphs, general purpose and domain-specific knowledge bases, and on this basis, we (1) develop an ontology-driven method of early warnings of real-time attacks, which supports non-intrusive scanning attack detection and (2) combine artificial intelligence planning and bounded rationality to recommend and automatically execute defense strategies in conventional defense scenarios. A case study has been performed, and the results indicate that: (1) the proposed method can quickly analyze network traffic data for real-time warnings, (2) the proposed method is highly feasible and has the ability to implement defense strategies autonomously, and (3) the proposed method performs the best, with a 5.4–11.4% increase in defense effectiveness against the state-of-the-art counterparts considering the APT29 attack. Overall, the proposed method holds the potential to increase the defense effectiveness against cyberattacks under high computing resource constraints.

show abstract

“…However, due to its open connectivity, CPSs have become the target of malicious attackers. Eavesdropping attack is one of the typical network attacks [5,6]. The security of CPSs has received a lot of attention, among which confidentiality is a basic security issue [7].…”

Section: Introductionmentioning

confidence: 99%

Event-Triggered Confidentiality Fusion Estimation Against Eavesdroppers in Cyber-Physical Systems

Xu,

Chen,

Wang

2023

Preprint

View full text Add to dashboard Cite

System state plays an important role in cyber-physical systems (CPSs). Ensuring the security of the CPSs is a key issue that can be widely applied. The confidentiality of system state is a fundamental feature of the CPSs security. This paper studies the distributed fusion estimation problem in the presence of eavesdropper, where local sensors send their estimates to a remote fusion center (FC). To prevent eavesdropping, the event triggered scheduling strategy was adopted on each sensor. Some sufficient conditions on the triggers’ threshold were derived to make the eavesdropping expected covariance unbounded while the expected error covariance for the user remains bounded. Moreover, the distributed confidentiality fusion estimation algorithm is provided to achieve perfect expected secrecy. Finally, simulations of different trigger levels for two local systems are employed to show the effectiveness of the proposed methods.

show abstract

Attack Graph Generation with Machine Learning for Network Security

Cited by 6 publications

References 36 publications

A Survey of Automatic Generation of Attack Trees and Attack Graphs

A Survey of Automatic Generation of Attack Trees and Attack Graphs

Towards Real-Time Warning and Defense Strategy AI Planning for Cyber Security Systems Aided by Security Ontology

Event-Triggered Confidentiality Fusion Estimation Against Eavesdroppers in Cyber-Physical Systems

Contact Info

Product

Resources

About