Aggregating vulnerability metrics in enterprise networks using attack graphs

Homer, John; Zhang, Su; Ou, Xinming; Schmidt, David A.; Du, Yixuan; Rajagopalan, S. Raj; Singhal, Anoop

doi:10.3233/jcs-130475

Cited by 101 publications

(63 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In particular, humans (i) compare uncertain outcomes with a reference utility or cost, (ii) exhibit risk aversion in gains and risk seeking behavior in losses, and (iii) overweight losses compared to gains (loss aversion). A richer behavioral model, referred to as cumulative prospect theory [10], incorporates all these aspects in its cost function. However, in the setting of this paper, this richer model does not significantly change the cost functions of the defenders.…”

Section: The Behavioral Security Gamementioning

confidence: 99%

“…In the context of large-scale interdependent systems, adversaries often use stepping-stone attacks to exploit vulnerabilities within the network in order to compromise a particular target [9]. Such threats can be captured via the notion of attack graphs that represent all possible paths that attackers may have to reach their targets within the CPS [10]. The defenders in such systems are each responsible for defending some subset of the assets [2,11] with their limited resources.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Behavioral and Game-Theoretic Security Investments in Interdependent Systems Modeled by Attack Graphs

Abdallah

Naghizadeh²,

Hota

et al. 2020

IEEE Trans. Control Netw. Syst.

View full text Add to dashboard Cite

We consider a system consisting of multiple interdependent assets, and a set of defenders, each responsible for securing a subset of the assets against an attacker. The interdependencies between the assets are captured by an attack graph, where an edge from one asset to another indicates that if the former asset is compromised, an attack can be launched on the latter asset. Each edge has an associated probability of successful attack, which can be reduced via security investments by the defenders. In such scenarios, we investigate the security investments that arise under certain features of human decision-making that have been identified in behavioral economics. In particular, humans have been shown to perceive probabilities in a nonlinear manner, typically overweighting low probabilities and underweighting high probabilities. We show that suboptimal investments can arise under such weighting in certain network topologies. We also show that pure strategy Nash equilibria exist in settings with multiple (behavioral) defenders, and study the inefficiency of the equilibrium investments by behavioral defenders compared to a centralized socially optimal solution.

show abstract

Section: The Behavioral Security Gamementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Behavioral and Game-Theoretic Security Investments in Interdependent Systems Modeled by Attack Graphs

Abdallah

Naghizadeh²,

Hota

et al. 2020

IEEE Trans. Control Netw. Syst.

View full text Add to dashboard Cite

show abstract

“…CySeMoL, the tool P 2 CySeMoL bases some of its logic on, is presented in Section 3.1. MulVAL [7], [8], [9], [10] uses the output from network vulnerability scanners to model possible attacks on IT architectures. In MulVAL, each vulnerability is associated with a probability that represents how likely an attacker is to successfully exploit it [10].…”

Section: Related Workmentioning

confidence: 99%

“…MulVAL [7], [8], [9], [10] uses the output from network vulnerability scanners to model possible attacks on IT architectures. In MulVAL, each vulnerability is associated with a probability that represents how likely an attacker is to successfully exploit it [10]. These probabilities are derived from each vulnerability's denoted access-complexity value according to the Common Vulnerability Scoring System (CVSS) v2 [11] and intuition by the authors.…”

Section: Related Workmentioning

confidence: 99%

P<inline-formula><tex-math>$^{2}$</tex-math><alternatives> <inline-graphic xlink:type="simple" xlink:href="holm-ieq1-2382574.gif"/></alternatives></inline-formula>CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language

Holm

Shahzad

Buschle

et al. 2015

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

This paper presents the Predictive, Probabilistic Cyber Security Modeling Language (P 2 CySeMoL), an attack graph tool that can be used to estimate the cyber security of enterprise architectures. P 2 CySeMoL includes theory on how attacks and defenses relate quantitatively; thus, users must only model their assets and how these are connected in order to enable calculations. The performance of P 2 CySeMoL enables quick calculations of large object models. It has been validated on both a component level and a system level using literature, domain experts, surveys, observations, experiments and case studies.

show abstract

“…Then, the authors identify the presence of cycles in the attack graphs and extend the definition accordingly to propagating probability over cycles. In [22], [23], the authors utilize existing MulVAL attack graphs and apply probabilistic reasoning to produce an aggregation metric. It is very similar to our work except that they only use CVSS' Access Complexity as node's metric and map them to three fixed probability such as low to 0.9, medium to 0.6, and high to 0.2.…”

Section: Related Workmentioning

confidence: 99%

Difficulty-level metric for cyber security training

Huang

Shen

Doshiy

et al. 2015

2015 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision

View full text Add to dashboard Cite

Cyber security training systems work as a suitable learning environment for educating cyber analysts on how to detect and defense before real cyber attacks happen. As training is an iterative process, the assessment component not only assesses the knowledge gained by the cyber analysts, but also adjusts the difficulty of training lessons accordingly based on the analysts' performance. In this paper, we present an attack graphbased probabilistic metric to measure lesson scenarios' difficulty levels. Based on causal relationships between vulnerabilities in an attack graph, we apply Bayesian Reasoning to aggregate individual vulnerabilities into an probabilistic value representing the attackers success likelihood to achieve the attack goal. However, one major complication of using Bayesian Reasoning is that it does not allow for cycles, which exists in attack graphs. We identify different types of cycles in the attack graphs and propose an efficient algorithm to remove cycles while preserving cyclic influence in the probability calculation.

show abstract

Aggregating vulnerability metrics in enterprise networks using attack graphs

Cited by 101 publications

References 38 publications

Behavioral and Game-Theoretic Security Investments in Interdependent Systems Modeled by Attack Graphs

Behavioral and Game-Theoretic Security Investments in Interdependent Systems Modeled by Attack Graphs

P<inline-formula><tex-math>$^{2}$</tex-math><alternatives> <inline-graphic xlink:type="simple" xlink:href="holm-ieq1-2382574.gif"/></alternatives></inline-formula>CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language

Difficulty-level metric for cyber security training

Contact Info

Product

Resources

About