Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Literature Review
Results and Analysis
Discussion and Conclusion
References
All Topics
Computer Science

A novel approach for analysis of attack graph

Profile image of Nhamo MtetwaNhamo Mtetwa

2017, 2017 IEEE International Conference on Intelligence and Security Informatics (ISI)

https://doi.org/10.1109/ISI.2017.8004866
visibility

description

7 pages

link

1 file

Abstract

Attack graph technique is a common tool for the evaluation of network security. However, attack graphs are generally too large and complex to be understood and interpreted by security administrators. This paper proposes an analysis framework for security attack graphs for a given IT infrastructure system. First, in order to facilitate the discovery of interconnectivities among vulnerabilities in a network, multi-host multi-stage vulnerability analysis (MulVAL) is employed to generate an attack graph for a given network topology. Then a novel algorithm is applied to refine the attack graph and generate a simplified graph called a transition graph. Next, a Markov model is used to project the future security posture of the system. Finally, the framework is evaluated by applying it on a typical IT network scenario with specific services, network configurations, and vulnerabilities.

Related papers

A taxonomy for attack graph generation and usage in network security
asie shafiee

Attack graphs model possible paths that a potential attacker can use to intrude into a target network. They can be used in determining both proactive and reactive security measures. Attack graph generation is a process that includes vulnerability information processing, collecting network topology and application information, determining reachability conditions among network hosts, and applying the core graph building algorithm. This article introduces a classification scheme for a systematical study of the methods applied in each phase of the attack graph generation process, including the usage of attack graphs for network security. The related works in the literature are stated based on the proposed classification scheme and contributive ideas about potential challenges and open issues for attack graph generation and usage are provided.

View PDFchevron_right
ON ATTACK GRAPH MODEL OF NETWORK SECURITY
Daryoush Alipour

All types of network systems are subject to computer attacks. The overall security of a network cannot be determined by simply considering the vulnerable points in the network; it is essential to realize how vulnerabilities can be combined in the same host or in a set of connected hosts to initiate an attack. Attack graph is a tool for modeling compositions of vulnerabilities and thus representing possible multi-stage multi-host attacks in networks. Attack graphs can be used for measuring network security; supporting security solutions by identifying vulnerabilities that should be removed such that no attack can be realized targeting given critical resources, and thus hardening the network. We consider a general model of attack graphs and a scheme of attack graph generating algorithm; and investigate graph-theoretical problems related to particular tasks of network hardening.

View PDFchevron_right
Some Framework, Architecture and Approach for Analysis A Network Vulnerability
Tito W Purboyo

Network administrators must rely on labour-intensive processes for tracking network configurations and vulnerabilities, which requires a lot of expertise and error prone. Organizational network vulnerabilities and interdependencies are so complex to make traditional vulnerability analysis become inadequate. Decision support capabilities let analysts make tradeoffs between security and optimum availability, and indicates how best to apply limited security resources. Recent work in network security has focused on the fact that a combination of exploitation is the typical way in which the invader breaks into the network. Researchers have proposed various algorithms to generate graphs based attack tree (or graph). In this paper, we present a framework, Architecture and Approach to Vulnerability Analysis.

View PDFchevron_right
A Graph theoretical approach to Network Vulnerability Analysis and Countermeasures
Thaier Hamid

2011

Computer networks are certainly vulnerable as long as they deliver services from different machines. An attack graph is a security model representing the chains of vulnerability exploits in a network displays the ways an attacker can compromise a network or host. A number of researchers have admitted attack graph visual complications and a large amount of source data must be assembled to accurately build an attack graph, the difficulty scaling to large, enterprise-size networks with tens of thousands of hosts and the lack comprehensive understanding. Information on vulnerabilities is present in public vulnerability databases, such as the National Vulnerability Database and Nessus. But current attack graph tools are reserved to only limited attributes. The automatic formation of vulnerability information has been troublesome and vulnerability descriptions were created by hand or based on limited information. Much vulnerability has still not been discovered and many others without pat...

View PDFchevron_right
Automated generation and analysis of attack graphs
Richard Lippmann

Proceedings 2002 IEEE Symposium on Security and Privacy

An integral part of modeling the global view of network security is constructing attack graphs. In practice, attack graphs are produced manually by Red Teams. Construction by hand, however, is tedious, error-prone, and impractical for attack graphs larger than a hundred nodes. In this paper we present an automated technique for generating and analyzing attack graphs. We base our technique on symbolic model checking [4] algorithms, letting us construct attack graphs automatically and efficiently. We also describe two analyses to help decide which attacks would be most costeffective to guard against. We implemented our technique in a tool suite and tested it on a small network example, which includes models of a firewall and an intrusion detection system.

View PDFchevron_right
Some Algorithms for Generating Attack Graph
Tito W Purboyo

— Attack graph can provide clues for the network defender on how an attacker exploits the vulnerability on the network to achieve goals. System administrators use attack graph to determine how vulnerable their systems and to determine what security measures are used to maintain their systems. In a network of large and complex organizations, securing a network is a very challenging task. Attack graphs are very important in the effort to secure the network, because it can directly indicate the presence of vulnerabilities in network and how attackers use the vulnerabilities to implement an effective attack. In this paper, we will describe some very good algorithms can be used to generate the attack graph. Keywords— Generating Attack Graph; Network Security; Vulnerability Analysis; Attack Graph Generation Algorithm. I. INTRODUCTION Since the number of host in network continues to grow, it becomes increasingly more important to automate the process of evaluating their vulnerability to attack. When evaluating network security, rarely enough to consider the vulnerability of isolated existence. Large networks typically contain [1] multiple platforms and software packages, and employ multiple modes of connectivity. It is undeniable that the network has a security hole that could be spared from the observation, even by experienced administrators. The rapid growth of the internet affects the economic, political, cultural and many aspects of society. The deeper and wild internet applications, the clearer and more complex computer and network security issues are. Hackers and viruses can find more ways [2] to launch an attack with respect to the development of network technology. When analysing the network security of a company, it is important [3] to consider the multi-stage, multi-host attacks. A determined attacker is not possible to stop the machine he first compromise, but can be expected to try to penetrate more deeply into the network by jumping from one computer to another. For this reason, configuring a secure enterprise network is a daunting task for humans. There are many potential interactions between multiple hosts and components in the network, so that the configuration of the machine will affect the security of others in the network. Currently [5], in the field of network vulnerability analysis, there was an effective scanner to scan a single host or multiple vulnerabilities in the observed network. However, these tools only check the security hole from the isolated perspective. In order to objectively analyse network vulnerabilities, an analysis tool should be able to automatically make a systematic attack scenarios based on the vulnerability of the target network, service network, host connection and access authorization. Since the attack graph is suitable for simulating attack scenarios, network vulnerability analysis and the establishment of a defense mechanism, more and more attention is paid to them. As an important aspect of network security, computer security evaluation through the analysis of the computer network is very important and can protect us from being attacked. Attack graphs can provide a view of the security evaluation. In [6] describes a method for generating attack graphs for network security analysis. As computer networks continue to grow in size and complexity, assessing their susceptibility to attack is a real challenge. The combination of exploits is the typical means whereby an attacker breaks into a network. Attack graphs can describe the transition from the initial state to the target state, caused by the action of the attacker, and support the visual analysis [7]. The organization of the rest of this article is as follows. Section 2 introduces the attack graph generation. The algorithms for generating attack graph are given in Section 3. We give a conclusion in Section 4.

View PDFchevron_right
A Framework for Analysis A Network Vulnerability
Tito W Purboyo

Network administrators must rely on labour-intensive processes for tracking network configurations and vulnerabilities, which needs a lot of expertise and error prone. Network vulnerabilities and interdependencies are so complex to make traditional vulnerability analysis become inadequate. Capability of decision support let analysts make tradeoffs between security and optimum availability, and explains how best to apply limited security resources. Recent works in network security has focused on the fact that a combination of exploitation is the typical way in which the invader breaks the network security. Researchers have proposed various algorithms to generate graphs based attack tree (or graph). In this paper, a framework, architecture and approach to Vulnerability Analysis are presented.

View PDFchevron_right
Network Security Risk Analysis using Improved MulVAL Bayesian Attack Graphs
Mufti Ramadhan

International Journal on Electrical Engineering and Informatics, 2015

This paper presents some improvements on the Multihost Multistage Vulnerability Analysis (MulVAL) framework. MulVAL is a framework to generate an attack graph for analysis of a computer network security risk. In MulVAL, it is assumed that the probability of success in exploiting the machine configuration and vulnerability variable is 100%, and the vulnerability variables are independent of each other. In reality each machine has its own security configuration issue, and vulnerabilities are not independent of each other. Moreover the research in MulVAL attack graph solely focuses on the probability of vulnerability, whereas the probability of vulnerability in security configuration is not covered. In this paper we introduce three methods to improve the MulVAL framework. In the first method we employ Common Vulnerability Scoring System (CVSS) for calculating the probability of vulnerability variables, and Common Configuration Scoring System (CCSS) for calculating the probability of vulnerability of system security configuration. In the second method we introduce the interdependence of vulnerability variables in Bayesian senses. Finally, in the third method we analyze the impact of the change in system security configuration to the probability of vulnerability in the context of Bayesian probability. We analyze and discuss the proposed methods through a simulation for a simple network configuration. The simulation results of the proposed methods demonstrate that the introduction of CVSS, CCSS, employing dependency of vulnerability variables and system security configuration represent a more realistic model for vulnerability in MulVAL framework.

View PDFchevron_right
A new approach for network vulnerability analysis
Fei-Ching Kuo

2008

We propose in this paper a novel approach to analyze network vulnerability and to obtain a quantitative value representing the level of security achieved in an arbitrary network. Unlike previous graph-based algorithms that generate attack trees (or graphs) to cover all possible sequences of vulnerabilities and therefore are not scalable, our method utilizes the attack graphpsilas principles, but directly analyzes and produces the desired security measure for a network without building the actual attack graph. The proposed approach relies on a unique evaluation of vulnerability metric defined in this paper and is demonstrated through an example of a network that provides voice over IP services.

View PDFchevron_right
Bayesian Attack Graphs for Security Risk Assessment
Luis Muñoz-González

2017

Attack graphs offer a powerful framework for security risk assessment. They provide a compact representation of the attack paths that an attacker can follow to compromise network resources from the analysis of the network topology and vulnerabilities. The uncertainty about the attacker’s behaviour makes Bayesian networks suitable to model attack graphs to perform static and dynamic security risk assessment. Thus, whilst static analysis of attack graphs considers the security posture at rest, dynamic analysis accounts for evidence of compromise at run-time, helping system administrators to react against potential threats. In this paper, we introduce a Bayesian attack graph model that allows to estimate the probabilities of an attacker compromising different resources of the network. We show how exact and approximate inference techniques can be efficiently applied on Bayesian attack graph models with thousands of nodes.

View PDFchevron_right

References (42)

  1. "execCode(citrixServer,user)","OR",0
  2. "RULE 3 (remote exploit for a client program)","AND",0
  3. "RULE 22 (Browsing a malicious website)","AND",0 5,"attackerLocated(internet)","LEAF",1
  4. "hacl(citrixServer,internet,httpProtocol,httpPort)","LEAF",1
  5. 9,"vulExists(citrixServer,'CVE-2010- 0490',ie,remoteClient,privEscalation)","LEAF",1
  6. "execCode(commServer,user)","OR",0
  7. "RULE 3 (remote exploit for a client program)","AND",0 12,"accessMaliciousInput(commServer,victim_1,windows_2000)","OR",0 13,"RULE 22 (Browsing a malicious website)","AND",0 14,"hacl(commServer,internet,httpProtocol,httpPort)","LEAF",1 15,"inCompetent(victim_1)","LEAF",1
  8. "hasAccount(victim_1,commServer,user)","LEAF",1 17,"vulExists(commServer,'CVE-2010- 0483',windows_2000,remoteClient,privEscalation)","LEAF",1
  9. "execCode(dataHistorian,root)","OR",0
  10. "RULE 2 (remote exploit of a server program)","AND",0 20,"netAccess(dataHistorian,httpProtocol,httpPort)","OR",0 21,"RULE 5 (multi-hop access)","AND",0
  11. "vulExists(dataHistorian,'CVE-2010- 0494',mountd,remoteExploit,privEscalation)","LEAF",1 25,"execCode(vpnServer,user)","OR",0
  12. "RULE 3 (remote exploit for a client program)","AND",0 27,"accessMaliciousInput(vpnServer,victim_5,openvpn)","OR",0 28,"RULE 22 (Browsing a malicious website)","AND",0
  13. "hacl(vpnServer,internet,httpProtocol,httpPort)","LEAF",1 30,"inCompetent(victim_5)","LEAF",1
  14. "hasAccount(victim_5,vpnServer,user)","LEAF",1 32,"vulExists(vpnServer,'CVE-2010-0492',openvpn,remoteClient, privEscalation)","LEAF",1 REFERENCES
  15. X. Ou and A. Singhal, Quantitative security risk assessment of enterprise networks, 1st ed. New York: Springer, 2012.
  16. Ou, X., Boyer, W. F., & McQueen, M. A. (2006, October). A scalable approach to attack graph generation. In Proceedings of the 13th ACM conference on Computer and communications security (pp. 336-345). ACM.
  17. Ou, X., Govindavajhala, S., & Appel, A. W. (2005, July). MulVAL: A Logic-based Network Security Analyzer. In USENIX security.
  18. Abraham, S., & Nair, S. (2015). A predictive framework for cyber security analytics using attack graphs. arXiv preprint arXiv:1502.01240.
  19. Kissel, R. (Ed.). (2011). Glossary of key information security terms. Diane Publishing.
  20. Ferraiolo, K. (2000). The Systems Security Engineering Capability Maturity Model.
  21. Stoneburner, G., Hayden, C., & Feringa, A. (2001). Engineering principles for information technology security (a baseline for achieving security). BOOZ-ALLEN AND HAMILTON INC MCLEAN VA.
  22. Grance, T., Hash, J., Stevens, M., O'Neal, K., & Bartol, N. (2003). SP 800-35. Guide to Information Technology Security Services.
  23. Dawkins, J., & Hale, J. (2004, April). A systematic approach to multi- stage network attack analysis. In Information Assurance Workshop, 2004. Proceedings. Second IEEE International (pp. 48-56). IEEE.
  24. Dewri, R., Poolsappasit, N., Ray, I., & Whitley, D. (2007, October). Optimal security hardening using multi-objective optimization on attack tree models of networks. In Proceedings of the 14th ACM conference on Computer and communications security (pp. 204-213). ACM.
  25. Homer, J., Zhang, S., Ou, X., Schmidt, D., Du, Y., Rajagopalan, S. R., & Singhal, A. (2013). Aggregating vulnerability metrics in enterprise networks using attack graphs. Journal of Computer Security, 21(4), 561- 597.
  26. Ingols, K., Lippmann, R., & Piwowarski, K. (2006, December). Practical attack graph generation for network defense. In Computer Security Applications Conference, 2006. ACSAC'06. 22nd Annual (pp. 121-130). IEEE.
  27. Jajodia, S., & Noel, S. (2010). Advanced cyber attack modeling analysis and visualization. GEORGE MASON UNIV FAIRFAX VA.
  28. Jajodia, S., Noel, S., & O'Berry, B. (2005). Topological analysis of network attack vulnerability. In Managing Cyber Threats (pp. 247-266). Springer US.
  29. Li, W., Vaughn, R. B., & Dandass, Y. S. (2006). An approach to model network exploitations using exploitation graphs. Simulation, 82(8), 523- 541.
  30. Lippmann, R. P., & Ingols, K. W. (2005). An annotated review of past papers on attack graphs (No. PR-IA-1). MASSACHUSETTS INST OF TECH LEXINGTON LINCOLN LAB.
  31. Saha, D. (2008, October). Extending logical attack graphs for efficient vulnerability analysis. In Proceedings of the 15th ACM conference on Computer and communications security (pp. 63-74). ACM.
  32. Sheyner, O., Haines, J., Jha, S., Lippmann, R., & Wing, J. M. (2002). Automated generation and analysis of attack graphs. In Security and privacy, 2002. Proceedings. 2002 IEEE Symposium on (pp. 273-284). IEEE.
  33. Jajodia, S., & Noel, S. (2010). Topological vulnerability analysis. In Cyber situational awareness (pp. 139-154). Springer US.
  34. Ritchey, R. W., & Ammann, P. (2000). Using model checking to analyze network vulnerabilities. In Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE Symposium on (pp. 156-165). IEEE.
  35. Ammann, P., Wijesekera, D., & Kaushik, S. (2002, November). Scalable, graph-based network vulnerability analysis. In Proceedings of the 9th ACM Conference on Computer and Communications Security (pp. 217-224). ACM.
  36. Lippmann, R., Ingols, K., Scott, C., Piwowarski, K., Kratkiewicz, K., Artz, M., & Cunningham, R. (2006, October). Validating and restoring defense in depth using attack graphs. In Military Communications Conference, 2006. MILCOM 2006. IEEE (pp. 1-10). IEEE.
  37. Noel, S., & Jajodia, S. (2005, December). Understanding complex network attack graphs through clustered adjacency matrices. In Computer Security Applications Conference, 21st Annual (pp. 10-pp). IEEE.
  38. Homer, J., Varikuti, A., Ou, X., & McQueen, M. (2008). Improving attack graph visualization through data reduction and attack grouping. Visualization for computer security, 68-79.
  39. Huang, H., Zhang, S., Ou, X., Prakash, A., & Sakallah, K. (2011, December). Distilling critical attack graph surface iteratively through minimum-cost sat solving. In Proceedings of the 27th Annual Computer Security Applications Conference (pp. 31-40). ACM.
  40. Lippmann, R. P., Ingols, K. W., Scott, C., Piwowarski, K., Kratkiewicz, K., Artz, M., & Cunningham, R. (2005). Evaluating and strengthening enterprise network security using attack graphs. Lexington, Massachusetts October.
  41. Noel, Steven, and Sushil Jajodia. "Managing attack graph complexity through visual hierarchical aggregation." Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security. ACM, 2004.
  42. Williams, L., Lippmann, R., & Ingols, K. (2008). An interactive attack graph cascade and reachability display. In VizSEC 2007 (pp. 221-236). Springer Berlin Heidelberg.

Related papers

Cybersecurity: A Survey of Vulnerability Analysis and Attack Graphs
Ram N Mohapatra

Mathematics and Computing, 2018

The network infrastructure is the most critical technical asset of any organization. This network architecture must be useful, efficient, and secure. However, their cybersecurity challenges are immense as the number of attacks is increasing. Consequently, there is a need to have efficient tools to assess the risks, know the vulnerabilities, and find the solutions before the attackers exploit them. The challenges remain in integrating the vulnerability analysis tools in a holistic process that cyber defenders can use to detect an intrusion and respond quickly. Attack graphs showed great importance in analyzing security. In this paper, we present a survey of raised and related topics to the field of vulnerability analysis and attack graphs.

View PDFchevron_right
Attack Graph-Based Approach For Enterprise Networks Security Analysis
International Journal Of engineering and Computer Science (IJECS)

Network administrators are always faced with numerous challenges of identifying threats and in retrospect, securing the organization's network. The classical approach of identifying the vulnerability in the network is by using commercially developed tools that do not take into cognisance vulnerability interaction between network elements and their behavioral pattern.Therefore, network administrators have to take a hollistic methods to identify vulnerability interrelationships to be captured by an attack graph which will help in identifying all possible ways an attacker would have access to critical resources. The objective therefore is to design an attack graph–based approach for analyzing security vulnerabilities in enterprise networks, implement and evaluate performance of the approach. This work proposes an attack graph network security analyser based. The attack graph directly illustrates logical dependencies among attack goals and configuration information. In the attack graph, a node in the graph is a logical statement and an edge in the graph is represented by causality relation between network configurations and an attacker's potential privileges. The benchmark is just a collection of Datalog tuples representing the configuration of the synthesized networks, the graph generation CPU time was compared to Sheyner attack graph toolkit. The result in the graph shows the comparison of the graph builder CPU time for the case of a fully connected network and 5 vulnerabilities per host which shows Sheyner's tools grows exponentially.Some important contributions of this work include establishing an attack graph–based approach for enterprise networks security analysis that can capture generic security interactions and specify security relevant configuration information.

View PDFchevron_right
Comparative Analysis of Attack Graphs
Daryoush Alipour

It is well-known that nowadays computers and networks that are unique in their computational and service provision power have also major weaknesses and vulnerabilities that can be exploited by outsiders in compromising the valuable data and knowledge. Network administrators and network security analysts must be aware of different properties of current software solutions and diversity of problems regarding the possible protection of network assets. This means that they must know and use the latest and newest types of vulnerabilities, techniques and tools. “Attack Graphs” present formalized network maps and help with analysis of possible vulnerabilities that may exist in the network. Hence, in this paper we will describe some basic concepts that can be used to understand and generate the attack graphs.

View PDFchevron_right
Use of Attack Graphs in Security Systems
Sajjan Shiva

Journal of Computer Networks and Communications, 2014

Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.

View PDFchevron_right
Attack graph approach to dynamic network vulnerability analysis and countermeasures
Thaier Hamid

2014

It is widely accepted that modern computer networks (often presented as a heterogeneous collection of functioning organisations, applications, software, and hardware) contain vulnerabilities. This research proposes a new methodology to compute a dynamic severity cost for each state. Here a state refers to the behaviour vii

View PDFchevron_right

Related topics

  • Computer Science
    • 580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved