Security risk analysis of enterprise networks using probabilistic attack graphs

Singhal, Anoop; Ou, Ximming

doi:10.6028/nist.ir.7788

Cited by 70 publications

(39 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Wang et al [42] suggested an overall network security score by combining individuals' vulnerabilities regarding their relationship in attack graphs. Singhal et al [38] defined the risk score as the likelihood of an attack which was derived from the likelihood of individual exploits. Noel et al [26] described four families of metrics for measuring security risk in attacks graph.…”

Section: Attack Graph Optimizationmentioning

confidence: 99%

Deployment optimization of IoT devices through attack graph analysis

Agmon

Shabtai

Puzis

2019

Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

The Internet of things (IoT) has become an integral part of our life at both work and home. However, these IoT devices are prone to vulnerability exploits due to their low cost, low resources, the diversity of vendors, and proprietary firmware. Moreover, short range communication protocols (e.g., Bluetooth or ZigBee) open additional opportunities for the lateral movement of an attacker within an organization. Thus, the type and location of IoT devices may significantly change the level of network security of the organizational network. In this paper, we quantify the level of network security based on an augmented attack graph analysis that accounts for the physical location of IoT devices and their communication capabilities. We use the depth-first branch and bound (DFBnB) heuristic search algorithm to solve two optimization problems: Full Deployment with Minimal Risk (FDMR) and Maximal Utility without Risk Deterioration (MURD). An admissible heuristic is proposed to accelerate the search. The proposed method is evaluated using a real network with simulated deployment of IoT devices. The results demonstrate (1) the contribution of the augmented attack graphs to quantifying the impact of IoT devices deployed within the organization on security, and (2) the effectiveness of the optimized IoT deployment. CCS CONCEPTS• Security and privacy → Distributed systems security; Mobile and wireless security.

show abstract

Section: Attack Graph Optimizationmentioning

confidence: 99%

Deployment optimization of IoT devices through attack graph analysis

Agmon

Shabtai

Puzis

2019

Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks

View full text Add to dashboard Cite

show abstract

“…However, most of the attack graph models only show all possible attack paths to the administrator, and they could not tell the administrator which is most likely path to be used by the attacker for some given conditions. Some researches tried to append probabilities on the attack graph, such as [15]- [17], but some of them estimated the probabilities by their individual experiences. For instance, the scheme of [17] has applied the well-known CVSS to set up the initial probabilities; however, they only took one metric, Access Complexity, into consideration.…”

Section: Attack Strategy Prediction With Precisely Estimated Probabilmentioning

confidence: 99%

“…Some researches tried to append probabilities on the attack graph, such as [15]- [17], but some of them estimated the probabilities by their individual experiences. For instance, the scheme of [17] has applied the well-known CVSS to set up the initial probabilities; however, they only took one metric, Access Complexity, into consideration. We think the result is inaccurate since the other two metrics, Access Vector and Authentication, are also major factors for successfully exploiting the vulnerability.…”

Section: Attack Strategy Prediction With Precisely Estimated Probabilmentioning

confidence: 99%

Attack Strategy Prediction with Precisely Estimated Probability and Evidence Mapping

Wang¹,

Liou²

2018

JACN

View full text Add to dashboard Cite

With the advance on computer science technology, the attackers' ability has continuously improved as well, and their artifices are getting more and more sophisticated. To secure the system, an intrusion detection system is usually deployed to notice the administrator when abnormal events happen. However, due to the poor quality of IDS alerts, massive quantity of alerts will hold analysts back when defending. Furthermore, it is not enough to avoid the attacking threats only knowing current crisis. With the assist of prediction, defenders can one step ahead of the attackers to increase the successful defense rate. In this paper, we propose a network attack prediction framework based on the improved attack graph. Two probability propagation functions are designed to update the probabilities for the next connected nodes. Through the pre-drawn probability attack graph, the administrator can realize all possible weak spots and attack paths in the system. Moreover, this paper provides a mapping function to map the exact alert as an evidence to the node of the attack graph to recalculate the probabilities in the attack graph and predict the most likely attacking path in the current situation.Index Terms-Attack graph, intrusion detection system, evidence mapping, network vulnerability analysis.I.

show abstract

“…Throughout this work, we will illustrate the steps and concepts using a running example borrowed from [38]. This reference describes a simple version of TVA (see, e.g., [31]) and attack graph modeling, based on a small infrastructure that is shown in Fig 1: The system consists of three machines (numbered as 0, 1 and 2), with several services being open on each node (such as file transfer protocol (FTP), remote shell (RSH) and secure shell (SSH)).…”

Section: A Running Examplementioning

confidence: 99%

Defending Against Advanced Persistent Threats Using Game-Theory

2017

View full text Add to dashboard Cite

Advanced persistent threats (APT) combine a variety of different attack forms ranging from social engineering to technical exploits. The diversity and usual stealthiness of APT turns them into a central problem of contemporary practical system security, since information on attacks, the current system status or the attacker’s incentives is often vague, uncertain and in many cases even unavailable. Game theory is a natural approach to model the conflict between the attacker and the defender, and this work investigates a generalized class of matrix games as a risk mitigation tool for an advanced persistent threat (APT) defense. Unlike standard game and decision theory, our model is tailored to capture and handle the full uncertainty that is immanent to APTs, such as disagreement among qualitative expert risk assessments, unknown adversarial incentives and uncertainty about the current system state (in terms of how deeply the attacker may have penetrated into the system’s protective shells already). Practically, game-theoretic APT models can be derived straightforwardly from topological vulnerability analysis, together with risk assessments as they are done in common risk management standards like the ISO 31000 family. Theoretically, these models come with different properties than classical game theoretic models, whose technical solution presented in this work may be of independent interest.

show abstract

Security risk analysis of enterprise networks using probabilistic attack graphs

Cited by 70 publications

References 24 publications

Deployment optimization of IoT devices through attack graph analysis

Deployment optimization of IoT devices through attack graph analysis

Attack Strategy Prediction with Precisely Estimated Probability and Evidence Mapping

Defending Against Advanced Persistent Threats Using Game-Theory

Contact Info

Product

Resources

About