Minimization and Reliability Analyses of Attack Graphs

Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop on - CSIIRW '13, 2013

Attack graphs capture sequences of actions that an intruder can take to lead the system to an undesirable state. They have proven to be important tools for administrators to analyse and devise countermeasures to be deployed in the face of an attack. We consider preferences over countermeasures that the administrator may hold when devising a strategy to thwart the attacker's goals. We present a formalism based on CI-nets to represent and reason about such preferences. We present a method to find an intervention strategy in terms of a set of countermeasures that is guaranteed to thwart any attack on the system, which is also most preferred.

2017 IEEE International Conference on Intelligence and Security Informatics (ISI), 2017

Attack graph technique is a common tool for the evaluation of network security. However, attack graphs are generally too large and complex to be understood and interpreted by security administrators. This paper proposes an analysis framework for security attack graphs for a given IT infrastructure system. First, in order to facilitate the discovery of interconnectivities among vulnerabilities in a network, multi-host multi-stage vulnerability analysis (MulVAL) is employed to generate an attack graph for a given network topology. Then a novel algorithm is applied to refine the attack graph and generate a simplified graph called a transition graph. Next, a Markov model is used to project the future security posture of the system. Finally, the framework is evaluated by applying it on a typical IT network scenario with specific services, network configurations, and vulnerabilities.

2017

Attack graphs offer a powerful framework for security risk assessment. They provide a compact representation of the attack paths that an attacker can follow to compromise network resources from the analysis of the network topology and vulnerabilities. The uncertainty about the attacker’s behaviour makes Bayesian networks suitable to model attack graphs to perform static and dynamic security risk assessment. Thus, whilst static analysis of attack graphs considers the security posture at rest, dynamic analysis accounts for evidence of compromise at run-time, helping system administrators to react against potential threats. In this paper, we introduce a Bayesian attack graph model that allows to estimate the probabilities of an attacker compromising different resources of the network. We show how exact and approximate inference techniques can be efficiently applied on Bayesian attack graph models with thousands of nodes.

2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)

Attack graph approach is a common tool for the analysis of network security. However, analysis of attack graphs could be complicated and difficult depending on the attack graph size. This paper presents an approximate analysis approach for attack graphs based on Q-learning. First, we employ multi-host multi-stage vulnerability analysis (MulVAL) to generate an attack graph for a given network topology. Then we refine the attack graph and generate a simplified graph called a transition graph. Next, we use a Q-learning model to find possible attack routes that an attacker could use to compromise the security of the network. Finally, we evaluate the approach by applying it to a typical IT network scenario with specific services, network configurations, and vulnerabilities.

ACM Transactions on Privacy and Security, 2017

Attack graphs provide compact representations of the attack paths an attacker can follow to compromise network resources from the analysis of network vulnerabilities and topology. These representations are a powerful tool for security risk assessment. Bayesian inference on attack graphs enables the estimation of the risk of compromise to the system’s components given their vulnerabilities and interconnections and accounts for multi-step attacks spreading through the system. While static analysis considers the risk posture at rest, dynamic analysis also accounts for evidence of compromise, for example, from Security Information and Event Management software or forensic investigation. However, in this context, exact Bayesian inference techniques do not scale well. In this article, we show how Loopy Belief Propagation—an approximate inference technique—can be applied to attack graphs and that it scales linearly in the number of nodes for both static and dynamic analysis, making such an...

All types of network systems are subject to computer attacks. The overall security of a network cannot be determined by simply considering the vulnerable points in the network; it is essential to realize how vulnerabilities can be combined in the same host or in a set of connected hosts to initiate an attack. Attack graph is a tool for modeling compositions of vulnerabilities and thus representing possible multi-stage multi-host attacks in networks. Attack graphs can be used for measuring network security; supporting security solutions by identifying vulnerabilities that should be removed such that no attack can be realized targeting given critical resources, and thus hardening the network. We consider a general model of attack graphs and a scheme of attack graph generating algorithm; and investigate graph-theoretical problems related to particular tasks of network hardening.

Abstract: Network attack graphs are directed graph-representations of possible attack paths and vulnerabilities in a computer network. Each attack path is a sequence of steps taken by an attacker to achieve one or more goals in the target system. While there are some variations in the representations of the graph proposed by different researchers, typically the edges represent possible actions (or exploits) available to an attacker, and vertices represent the possible states for the system and applications.

2019

Attack graphs are a powerful tool for security risk assessment by analysing network vulnerabilities and the paths attackers can use to compromise network resources. The uncertainty about the attacker's behaviour makes Bayesian networks suitable to model attack graphs to perform static and dynamic analysis. Previous approaches have focused on the formalization of attack graphs into a Bayesian model rather than proposing mechanisms for their analysis. In this paper we propose to use efficient algorithms to make exact inference in Bayesian attack graphs, enabling the static and dynamic network risk assessments. To support the validity of our approach we have performed an extensive experimental evaluation on synthetic Bayesian attack graphs with different topologies, showing the computational advantages in terms of time and memory use of the proposed techniques when compared to existing approaches.

It is well-known that nowadays computers and networks that are unique in their computational and service provision power have also major weaknesses and vulnerabilities that can be exploited by outsiders in compromising the valuable data and knowledge. Network administrators and network security analysts must be aware of different properties of current software solutions and diversity of problems regarding the possible protection of network assets. This means that they must know and use the latest and newest types of vulnerabilities, techniques and tools. “Attack Graphs” present formalized network maps and help with analysis of possible vulnerabilities that may exist in the network. Hence, in this paper we will describe some basic concepts that can be used to understand and generate the attack graphs.

Mathematics and Computing, 2018

The network infrastructure is the most critical technical asset of any organization. This network architecture must be useful, efficient, and secure. However, their cybersecurity challenges are immense as the number of attacks is increasing. Consequently, there is a need to have efficient tools to assess the risks, know the vulnerabilities, and find the solutions before the attackers exploit them. The challenges remain in integrating the vulnerability analysis tools in a holistic process that cyber defenders can use to detect an intrusion and respond quickly. Attack graphs showed great importance in analyzing security. In this paper, we present a survey of raised and related topics to the field of vulnerability analysis and attack graphs.