Unknown Vulnerability Risk Assessment Based on Directed Graph Models: A Survey

He, Wenhao; Li, Hongjiao; Li, Jinguo

doi:10.1109/access.2019.2954092

Cited by 17 publications

(7 citation statements)

References 53 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In recent works, He et al 34 surveyed the use of graph models, including attack graphs and Bayesian networks, to assess risks associated with unknown vulnerabilities. Zimba et al 35 proposed a technique of Bayesian network‐based weighted attack path modeling, including the quantitative characterization of possible attack paths, to capture interlinked attack paths generated by advanced persistent threats upon the exploitation of vulnerabilities of cloud components.…”

Section: Related Workmentioning

confidence: 99%

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Javorník

Husák

2022

Engineering Reports

View full text Add to dashboard Cite

We present an approach to decision support in cybersecurity with respect to cyber threats and stakeholders' requirements. We approach situations in which cybersecurity experts need to take actions to mitigate the risks, such as temporarily putting an IT system out of operation, but need to consult them with other stakeholders. We propose a decision support system that uses a mission decomposition model representing the organization's functional and security requirements on its IT infrastructure. Based on the cybersecurity state assessment, that is, discovery of vulnerabilities and attacker's position, the decision support system calculates the resilience metrics for each IT infrastructure's configuration, that is, how likely are they to not be disrupted. The calculation is enabled by two novel formal models, Privilege-Exploit Attack Graph and Bayesian Privilege Attack Graph, which reduce complex attack graphs into a comprehensible bipartite graph. Moreover, they illustrate the impact of exploiting the vulnerabilities and attackers gaining the privileges. The system recommends the most resilient mission configurations that are comprehensible to both cybersecurity experts and non-technical stakeholders, who may then choose which configuration to apply. Our approach is illustrated in a case study of a real-world medical information system.

show abstract

Section: Related Workmentioning

confidence: 99%

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Javorník

Husák

2022

Engineering Reports

View full text Add to dashboard Cite

show abstract

“…The ISA/IEC 62443-4-1 technical document is divided into eight practices, which specify the secure product development life cycle requirements for both the development and the maintenance phases [ 49 ]. The “Practice 5—Security verification and validation testing” (SVV) section of this document specifies that a process shall be employed to identify and characterize potential security vulnerabilities in the product, including known and unknown vulnerabilities [ 50 , 51 ]. Two requirements in Practice 5 are in charge of the task of analyzing vulnerabilities, as follows: Requirement SVV-3.…”

Section: Related Workmentioning

confidence: 99%

A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics

Longueira-Romero

Iglesias

Flores

et al. 2022

Sensors

View full text Add to dashboard Cite

The rapid evolution of industrial components, the paradigm of Industry 4.0, and the new connectivity features introduced by 5G technology all increase the likelihood of cybersecurity incidents. Such incidents are caused by the vulnerabilities present in these components. Designing a secure system is critical, but it is also complex, costly, and an extra factor to manage during the lifespan of the component. This paper presents a model to analyze the known vulnerabilities of industrial components over time. The proposed Extended Dependency Graph (EDG) model is based on two main elements: a directed graph representation of the internal structure of the component, and a set of quantitative metrics based on the Common Vulnerability Scoring System (CVSS). The EDG model can be applied throughout the entire lifespan of a device to track vulnerabilities, identify new requirements, root causes, and test cases. It also helps prioritize patching activities. The model was validated by application to the OpenPLC project. The results reveal that most of the vulnerabilities associated with OpenPLC were related to memory buffer operations and were concentrated in the libssl library. The model was able to determine new requirements and generate test cases from the analysis.

show abstract

“…To overcome the limitations of known vulnerability analysis, many analysis techniques for unknown vulnerabilities have been developed. The study in [ 13 ] showed a solution for unknown vulnerability risk assessment based on directed graphs, which fills the current gap in this research direction of investigation. In [ 14 ], the authors presented a network hardening approach that gives a maximized security solution for unknown and unfixable vulnerabilities by unifying the hardening options under the same model.…”

Section: Related Workmentioning

confidence: 99%

Modeling Analysis of SM2 Construction Attacks in the Open Secure Sockets Layer Based on Petri Net

Deng

Zhang

Wang

et al. 2022

Sensors

View full text Add to dashboard Cite

The detection and defense of malicious attacks are critical to the proper functioning of network security. Due to the diversity and rapid updates of the attack methods used by attackers, traditional defense mechanisms have been challenged. In this context, a more effective method to predict vulnerabilities in network systems is considered an urgent need to protect network security. In this paper, we propose a formal modeling and analysis approach based on Petri net vulnerability exploitation. We used the Common Vulnerabilities and Exposures (CVE)-2021-3711 vulnerability source code to build a model. A patch model was built to address the problems of this model. Finally, the time injected by the actual attacker and the time simulated by the software were calculated separately. The results showed that the simulation time was shorter than the actual attack time, and ultra-real-time simulation could be achieved. By modeling the network system with this method, the model can be found to arrive at an illegitimate state according to the structure of Petri nets themselves and thus discover unknown vulnerabilities. This method provides a reference method for exploring unknown vulnerabilities.

show abstract

Unknown Vulnerability Risk Assessment Based on Directed Graph Models: A Survey

Cited by 17 publications

References 53 publications

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

Mission‐centric decision support in cybersecurity via Bayesian Privilege Attack Graph

A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics

Modeling Analysis of SM2 Construction Attacks in the Open Secure Sockets Layer Based on Petri Net

Contact Info

Product

Resources

About