Hybrid extensions for stateful attack graphs

“…The term attack graph refers to a number of related techniques for security analysis, revolving around the use of a formal state space model in which state transitions represent the actions of an attacker or other force (Li et al, 2021) (Louthan et al, 2014) (Phillips & Swiler, 1998). Terminology related to attack graphs varies significantly across authors.…”

“…Attack graph analysis requires a state-transition model defining a state space and possible transitions between states. One approach used by researchers is to model each state as a collection of assets and facts, where facts may describe properties of individual assets or relationships among assets (Li et al, 2021) (Louthan et al, 2014). Transitions can be defined indirectly using exploit patterns with specified preconditions and postconditions, which may contain free variables that must be bound to assets to create a concrete transition.…”

“…A state-transition model theoretically defines a complete, static graph describing all states and transitions. Since that graph is likely infinite or intractable to compute, practical analysis often involves computing a subgraph from a specific starting state, possibly using a pruning criterion such as a finite search depth (Louthan et al, 2014). We use the term attack graph to refer to the computed subgraph.…”

Decolonizing Information Technology Design: A Framework for Integrating Indigenous Knowledge in Design Science Research

“…The term attack graph refers to a number of related techniques for security analysis, revolving around the use of a formal state space model in which state transitions represent the actions of an attacker or other force (Li et al, 2021) (Louthan et al, 2014) (Phillips & Swiler, 1998). Terminology related to attack graphs varies significantly across authors.…”

“…Attack graph analysis requires a state-transition model defining a state space and possible transitions between states. One approach used by researchers is to model each state as a collection of assets and facts, where facts may describe properties of individual assets or relationships among assets (Li et al, 2021) (Louthan et al, 2014). Transitions can be defined indirectly using exploit patterns with specified preconditions and postconditions, which may contain free variables that must be bound to assets to create a concrete transition.…”

“…A state-transition model theoretically defines a complete, static graph describing all states and transitions. Since that graph is likely infinite or intractable to compute, practical analysis often involves computing a subgraph from a specific starting state, possibly using a pruning criterion such as a finite search depth (Louthan et al, 2014). We use the term attack graph to refer to the computed subgraph.…”

Decolonizing Information Technology Design: A Framework for Integrating Indigenous Knowledge in Design Science Research

“…A Hybrid Attack Graph (HAG) was modeled by [32], using linguistics and type extensions of traditional attack graph given the necessary inputs of asset, topology, and fact declarations in the typed grammar. The HAG was illustrated through an example of an attacker who is trying to compromise an automotive car by forcing it to drivetoward a wall.…”

Automatic Hybrid Attack Graph (AHAG) Generation for Complex Engineering Systems

“…Louthan et al [10] describe an approach to modeling hybrid systems, such as programmed control systems and cyber physical systems, that interact with the physical world. Their method used what they term a hybrid attack graph.…”

Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices