Automated Vulnerability Testing via Executable Attack Graphs

Malzahn, Drew; Birnbaum, Zachary; Wright-Hamor, Cimone

doi:10.1109/cybersecurity49315.2020.9138852

Cited by 11 publications

(6 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[25], [38] [39], [53], [55], [71] 5) What methods and tools are used for visualizing the model, framework, or application? [6], [16], [27], [30], [37], [39], [40], [62] 6) What properties of the model, framework, or application can be analyzed? [14], [32], [35], [67] 7) What recommendations can be obtained from the attack graph to secure the IoT network?…”

Section: E Research Questionsmentioning

confidence: 99%

“…However, no thorough study has addressed IoT vulnerabilities and their evaluation using attack graphs. Although some papers capture both attack graphs and IoT [3], [34], they either do not cover certain topics, such as the parameters of the IoT network used to develop the attack graph [8], [17], [35], [48], [52], [54], [57], [68], [69] and the methods and tools used for visualizing the model, framework, or application [6], [16], [27], [30], [37], [39], [40], [62], or are no longer fully relevant due to the rapidly evolving domain. This survey paper is needed because IoT systems are becoming increasingly complex and pervasive in our daily lives, making it crucial to ensure their security.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

et al. 2023

View full text Add to dashboard Cite

Vulnerability assessment in industrial IoT networks is critical due to the evolving nature of the domain and the increasing complexity of security threats. This study aims to address the existing gaps in the literature by conducting a comprehensive survey on the use of attack graphs for vulnerability assessment in IoT networks. Attack graphs serve as a valuable cybersecurity tool for modeling and analyzing potential attack scenarios on systems, networks, or applications. The survey covers the research conducted between 2016 and 2021(34 peer-reviewed journal articles and 28 conference papers), identifying and categorizing the main methodologies and technologies employed in generating and analyzing attack graphs. In this review, core modeling techniques for IoT vulnerability assessment are highlighted, such as Markov Decision Processes (MDP), Feature Pyramid Networks (FPN), K-means clustering, and logistic regression models, along with other techniques involving genetic algorithms like fast-forward (FF), contingent fast-forwards (CFF), advanced reinforcement-learning algorithms, and HARMs models. The evaluation of the performance of these attack graph models using IoT networks or devices as case studies is also emphasized. This survey provides valuable insights into the state-of-the-art attack graph techniques for IoT network vulnerability assessment, identifying various applications, performances, research opportunities, and challenges. As a reference source, it serves to inform academicians and practitioners interested in leveraging attack graphs for IoT network vulnerability assessment and guides future research directions in this area.INDEX TERMS Attack graph, the Internet of Things, network vulnerabilities, vulnerability assessment.

show abstract

Section: E Research Questionsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Attackers may have arbitrary goals represented as assets [31]. LAGs may also support the various levels of attacker capabilities if they are defined as preconditions for exploits [50], [51]. However, due to the common delete-free relaxation in LAG solvers, modeling attacker resources may be challenging.…”

Section: Mulval Extensions a The Mulval Frameworkmentioning

confidence: 99%

A Survey of MulVAL Extensions and Their Attack Scenarios Coverage

et al. 2023

View full text Add to dashboard Cite

Organizations employ various adversary models to assess the risk and potential impact of attacks on their networks. A popular method of visually representing cyber risks is the attack graph. Attack graphs represent vulnerabilities and actions an attacker can take to identify and compromise an organization's assets. Attack graphs facilitate the visual presentation and algorithmic analysis of attack scenarios in the form of attack paths. MulVAL is a generic open-source framework for constructing logical attack graphs, which has been widely used by researchers and practitioners and extended by them with additional attack scenarios. This paper surveys all of the existing MulVAL extensions and maps all MulVAL interaction rules to MITRE ATT&CK Techniques to estimate their attack scenarios coverage. This survey aligns current MulVAL extensions along unified ontological concepts and highlights the existing gaps. It paves the way for the systematic improvement of MulVAL and the comprehensive modeling of the entire landscape of adversarial behaviors captured in MITRE ATT&CK.

show abstract

“…Another possible way to reduce experimental costs and cybersecurity costs more generally is the use of automated red teaming algorithms that might serve as a proxy for human red teams. Work is on-going in this space (e.g., [50] [51]) and the results may eventually become suitable for mimicking lower tier threats.…”

Section: Table 6: Net Loss Reduction / Benefitmentioning

confidence: 99%

Rigorous Validation of Systems Security Engineering Analytics

Llansó¹,

McNeil²,

Jamieson³

2022

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

In response to the asymmetric advantage that attackers enjoy over defenders in cyber systems, the cyber community has generated a steady stream of cybersecurity-related frameworks, methodologies, analytics, and "best practices" lists. However, these artifacts almost never undergo rigorous validation of their efficacy but instead tend to be accepted on faith, to, we suggest, our collective detriment based on evidence of continued attacker success. But what would rigorous validation look like, and can we afford it? This paper describes the design and estimates the cost of a controlled experiment whose goal is to determine the effectiveness of an exemplar systems security analytic. Given the significant footprint that humans play in cyber systems (e.g., their design, use, attack, and defense), any such experiment must necessarily take into account and control for variable human behavior. Thus, the paper reinforces the argument that cybersecurity can be understood as a hybrid discipline with strong technical and human dimensions.

show abstract

Automated Vulnerability Testing via Executable Attack Graphs

Cited by 11 publications

References 17 publications

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

A Review on Attack Graph Analysis for IoT Vulnerability Assessment: Challenges, Open Issues, and Future Directions

A Survey of MulVAL Extensions and Their Attack Scenarios Coverage

Rigorous Validation of Systems Security Engineering Analytics

Contact Info

Product

Resources

About