A scalable approach to attack graph generation

Ou, Xinming; Boyer, Wayne F.; McQueen, Miles

doi:10.1145/1180405.1180446

Cited by 469 publications

(324 citation statements)

References 15 publications

Supporting

Mentioning

320

Contrasting

Unclassified

Order By: Relevance

“…Less closely related is the work on efficient generation of attack graphs [6][7][8][9][10]. These do not, however, explicitly model network router and firewall configurations to calculate the end-to-end reachability matrix, and do not focus on the problem of defining an aggregate impact metric.…”

Section: Related Workmentioning

confidence: 99%

On Computing Enterprise IT Risk Metrics

Bhatt

Horne

Rao

2011

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

On Computing Enterprise IT Risk Metrics

Bhatt

Horne

Rao

2011

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

“…Some vulnerabilities are more significant than others. Tools such as Attack Graphs [11] can be used to determine priority categories for all known vulnerabilities. The Common Vulnerability Scoring System (CVSS) [15] is another suggested mechanism for prioritizing known vulnerabilities.…”

Section: Restoration Time 7bmentioning

confidence: 99%

Ideal Based Cyber Security Technical Metrics for Control Systems

Boyer

McQueen

2008

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Much of the world's critical infrastructure is at risk from attack through electronic networks connected to control systems. Security metrics are important because they provide the basis for management decisions that affect the protection of the infrastructure. A cyber security technical metric is the security relevant output from an explicit mathematical model that makes use of objective measurements of a technical object. A specific set of technical security metrics are proposed for use by the operators of control systems. Our proposed metrics are based on seven security ideals associated with seven corresponding abstract dimensions of security. We have defined at least one metric for each of the seven ideals. Each metric is a measure of how nearly the associated ideal has been achieved. These seven ideals provide a useful structure for further metrics development. A case study shows how the proposed metrics can be applied to an operational control system.

show abstract

“…Assumption of cost of launching attacks to be equal is one of drawbacks of the system as it varies to a great extend in practical scenarios (L. Wang, Singhal, & Jajodia, 2007b). As network infrastructure becomes large, attack graphs become larger and complex (Ou, Boyer, & McQueen, 2006) . In order to handle and generate larger attack graphs, scalable analysis is required incorporating probabilistic knowledge of behavior of attacker (L. Wang, Singhal, & Jajodia, 2007a;Xie, Wen, Zhang, Hu, & Chen, 2009).…”

Section: Introductionmentioning

confidence: 99%

Attack Graph Analysis for Network Anti-Forensics

Chandran

Yan

2014

International Journal of Digital Crime and Forensics

View full text Add to dashboard Cite

The development of technology in computer networks has boosted the percentage of cyber-attacks today. Hackers are now able to penetrate even the strongest IDS and firewalls. With the help of anti-forensic techniques, attackers defend themselves, from being tracked by destroying and distorting evidences. To detect and prevent network attacks, the main modus of operandi in network forensics is the successful implementation and analysis of attack graph from gathered evidences. This paper conveys the main concepts of attack graphs, requirements for modeling and implementation of graphs. It also contributes the aspect of incorporation of anti-forensic techniques in attack graph which will help in analysis of the diverse possibilities of attack path deviations and thus aids in recommendation of various defense strategies for better security. To the best of our knowledge, this is the first time network anti-forensics has been fully discussed and the attack graphs are employed to analyze the network attacks. The experimental analysis of anti-forensic techniques using attack graphs were conducted in the proposed test-bed which helped to evaluate the model proposed and suggests preventive measures for the improvement of security of the networks.

show abstract

A scalable approach to attack graph generation

Cited by 469 publications

References 15 publications

On Computing Enterprise IT Risk Metrics

On Computing Enterprise IT Risk Metrics

Ideal Based Cyber Security Technical Metrics for Control Systems

Attack Graph Analysis for Network Anti-Forensics

Contact Info

Product

Resources

About