An Attack Graph Generation Method Based on Parallel Computing

Cao, Ningyuan; Lv, Kun; Hu, Changzhen

doi:10.1007/978-3-030-03026-1_3

Cited by 3 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Compared to the serial approaches mentioned above, another attack graph generation has a dependence on parallel computing [21][22][23]. Its core idea is using a partition algorithm to split a large-scale complex network topology and processing each subgraph by multiple agents at the same time, which emphasizes the load balancing to enhance the efficiency of the attack graph generation.…”

Section: Related Workmentioning

confidence: 99%

An Automatic Planning-Based Attack Path Discovery Approach from IT to OT Networks

Wang

Zhang

Liu

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

With the convergence of IT and OT networks, more opportunities can be found to destroy physical processes by cyberattacks. Discovering attack paths plays a vital role in describing possible sequences of exploitation. Automated planning that is an important branch of artificial intelligence (AI) is introduced into the attack graph modeling. However, while adopting the modeling method for large-scale IT and OT networks, it is difficult to meet urgent demands, such as scattered data management, scalability, and automation. To that end, an automatic planning-based attack path discovery approach is proposed in this paper. At first, information of the attacking knowledge and network topology is formally represented in a standardized planning domain definition language (PDDL), integrated into a graph data model. Subsequently, device reachability graph partitioning algorithm is introduced to obtain subgraphs that are small enough and of limited size, which facilitates the discovery of attack paths through the AI planner as soon as possible. In order to further cope with scalability problems, a multithreading manner is used to execute the attack path enumeration for each subgraph. Finally, an automatic workflow with the assistance of a graph database is provided for constructing the PDDL problem file for each subgraph and traversal query in an interactive way. A case study is presented to demonstrate effectiveness of attack path discovery and efficiency with the increase in number of devices.

show abstract

Section: Related Workmentioning

confidence: 99%

An Automatic Planning-Based Attack Path Discovery Approach from IT to OT Networks

Wang

Zhang

Liu

et al. 2021

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Attack graphs (developed through several years, notably in [16]- [18]) are merely used to represent the flow of an attack. The benefit of using attack graphs to describe an attack flow is to exploit the existing literature on digraphs (see [2]- [4], [19], [20]). Attack graphs can quantitatively model a probabilistic view of attacker capabilities (defined as Bayesian attack graphs [21]).…”

Section: Related Workmentioning

confidence: 99%

On Parallel Real-Time Security Improvement Using Mixed-Integer Programming

et al. 2021

View full text Add to dashboard Cite

Network security defenses evolve, responding to real-time attack incidents, modifying the underlying topology, or reallocating defense systems across the network. The present work emphasizes reducing the time to compute new optimal reallocations of defense systems, responding to emerging realtime remote attacks. The proposed heuristic method utilizes parallel processing by slicing the underlying graphical model representing the network topology, solving in parallel multiple mixed-integer programming problems corresponding to the created subgraphs, and producing an estimate of the optimal defense. The parallelized method to compute a new defense enables producing a response, in real-time, before remote attackers compromise a target machine in the network. Our prototype tool to compute a new defense, the high-performance security analyzer, has a speedup of at least 20 over solving the original problem using a serial algorithm, and with an insignificant difference between the performance of the (computed in parallel) approximately optimal defense and the (serially computed) optimal defense. A major conclusion is that further speedups will come from parallel integer programming algorithms rather than from graph partitioning.

show abstract

Implementing an Attack Graph Generator in CUDA

Hawrylak

Hale

2020

2020 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW)

View full text Add to dashboard Cite

An Attack Graph Generation Method Based on Parallel Computing

Cited by 3 publications

References 12 publications

An Automatic Planning-Based Attack Path Discovery Approach from IT to OT Networks

An Automatic Planning-Based Attack Path Discovery Approach from IT to OT Networks

On Parallel Real-Time Security Improvement Using Mixed-Integer Programming

Implementing an Attack Graph Generator in CUDA

Contact Info

Product

Resources

About