Overview on attack graph generation and visualization technology

Yi, Shengwei; Peng, Yong; Xiong, Qingrong; Wang, Ting; Dai, Zhijiang; Gao, Haihui; Xu, Jun; Wang, Jiteng; Xu, Lijuan

doi:10.1109/icasid.2013.6825274

Cited by 29 publications

(14 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Network vulnerability analysis using graph based approaches has been widely covered in the literature. A large body of work exists using attack graphs which propose approaches and tools for improved generation [17], [20], [29]- [31], visualization [32], [33], and analysis [19], [34], [35], or provide summaries of existing techniques [36]- [39]. Of the many types of attack graphs that exist, we have used dependency attack graphs, which facilitate understanding of the importance of individual vulnerabilities [40].…”

Section: Related Workmentioning

confidence: 99%

Cyclic Bayesian Attack Graphs: A Systematic Computational Approach

Matthews

Mace

Soudjani

et al. 2020

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

View full text Add to dashboard Cite

Attack graphs are commonly used to analyse the security of medium-sized to large networks. Based on a scan of the network and likelihood information of vulnerabilities, attack graphs can be transformed into Bayesian Attack Graphs (BAGs). These BAGs are used to evaluate how security controls affect a network and how changes in topology affect security. A challenge with these automatically generated BAGs is that cycles arise naturally, which make it impossible to use Bayesian network theory to calculate state probabilities. In this paper we provide a systematic approach to analyse and perform computations over cyclic Bayesian attack graphs. Our approach first formally introduces two commonly used versions of Bayesian attack graphs and compares their expressiveness. We then present an interpretation of Bayesian attack graphs based on combinational logic circuits, which facilitates an intuitively attractive systematic treatment of cycles. We prove properties of the associated logic circuit and present an algorithm that computes state probabilities without altering the attack graphs (e.g., remove an arc to remove a cycle). Moreover, our algorithm deals seamlessly with all cycles without the need to identify their types. A set of experiments using synthetically created networks demonstrates the scalability of the algorithm on computer networks with hundreds of machines, each with multiple vulnerabilities.

show abstract

Section: Related Workmentioning

confidence: 99%

Cyclic Bayesian Attack Graphs: A Systematic Computational Approach

Matthews

Mace

Soudjani

et al. 2020

2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

View full text Add to dashboard Cite

show abstract

“…From a practical perspective, the overview of attack graph tools was given by Yi et al [22]. The authors provide a comparison and analysis of both open source and commercial tools.…”

Section: Attack Graphs and Bayesian Networkmentioning

confidence: 99%

Decision Support for Mission-Centric Cyber Defence

Javorník

Komárková

Husák

2019

Proceedings of the 14th International Conference on Availability, Reliability and Security

View full text Add to dashboard Cite

In this paper, we propose a novel approach to enterprise mission modeling and mission-centric decision support for cybersecurity operations. The goal of the decision support analytical process is to suggest an effective response for an ongoing attack endangering established mission security requirements. First, we propose an enterprise mission decomposition model to represent the requirements of the missions' processes and components on their confidentiality, integrity, availability. The model is illustrated in a real-world scenario of a medical information system. Second, we propose an analytical process that calculates mission resilience metrics using the attack graphs and Bayesian network reasoning. The process is designed to help cybersecurity operations teams in understanding the complexity of a situation and decision making concerning requirements on enterprise missions.As the IT infrastructures grow larger, it is more and more complicated to protect them and all their components. The insufficient workforce in cyber security and the risks of misunderstanding between security operations and management further underline the problem. The security teams are not always aware of all the missions in an organization, nor knowing about missions' priorities. Under such circumstances, the risk of unwanted actions rises. For example, dropping network traffic of an infected system interrupts operations of a critical IT system or one of its dependencies, which ARES '

show abstract

“…17 criteria have been identified and used for evaluating the quality of the algorithm. The selection was based on algorithm characteristics found on previous studies and current trends in risk management (Kaynar & Sivrikaya, 2016;Lever & Kifayat, 2016;Polatidis et al, 2018;Yi et al, 2013). The details, of the criteria can be found in appendix A, while the criteria are also presented briefly within table 3.…”

Section: Evaluation Criteriamentioning

confidence: 99%

From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks

et al. 2018

View full text Add to dashboard Cite

Modern information society depends on reliable functionality of information systems infrastructure, while at the same time the number of cyber-attacks has been increasing over the years and damages have been caused. Furthermore, graphs can be used to show paths than can be exploited by attackers to intrude into systems and gain unauthorized access through vulnerability exploitation. This paper presents a method that builds attack graphs using data supplied from the maritime supply chain infrastructure. The method delivers all possible paths that can be exploited to gain access. Then, a recommendation system is utilized to make predictions about future attack steps within the network. We show that recommender systems can be used in cyber defense by predicting attacks. The goal of this paper is to identify attack paths and show how a recommendation method can be used to classify future cyber-attacks in terms of risk management. The proposed method has been experimentally evaluated and validated, with the results showing that it is both practical and effective.

show abstract

Overview on attack graph generation and visualization technology

Cited by 29 publications

References 13 publications

Cyclic Bayesian Attack Graphs: A Systematic Computational Approach

Cyclic Bayesian Attack Graphs: A Systematic Computational Approach

Decision Support for Mission-Centric Cyber Defence

From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks

Contact Info

Product

Resources

About