Study on the Application of Graph Theory Algorithms and Attack Graphs in Cybersecurity Assessment

Zhang, Jinghan; Wang, Wei; Zio, Enrico

doi:10.1109/icsrs59833.2023.10381005

2023 7th International Conference on System Reliability and Safety (ICSRS) 2023

DOI: 10.1109/icsrs59833.2023.10381005

|View full text |Cite

Study on the Application of Graph Theory Algorithms and Attack Graphs in Cybersecurity Assessment

Jinghan Zhang,

Wei Wang,

Enrico Zio

Abstract: Postulating the behavior of attackers is important in the design of cybersecurity protection measures. Attack graph is a technique employed for this purpose, which aids in identifying and modeling the potential attack paths an attacker could take to gain unauthorized access to a cyber network, exploit vulnerabilities, and compromise the system's confidentiality, integrity, and availability. In this study, we propose a framework aimed at identifying potential attack paths and determining the shortest path with … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2024

Publication Types

Select...

Article1

Relationship

Self Cite0

Independent1

Authors

Journals

Cited by 1 publication

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Fast Algorithm for Cyber-Attack Estimation and Attack Path Extraction Using Attack Graphs with AND/OR Nodes

Levner,

Tsadikovich

2024

Algorithms

View full text Add to dashboard Cite

This paper studies the security issues for cyber–physical systems, aimed at countering potential malicious cyber-attacks. The main focus is on solving the problem of extracting the most vulnerable attack path in a known attack graph, where an attack path is a sequence of steps that an attacker can take to compromise the underlying network. Determining an attacker’s possible attack path is critical to cyber defenders as it helps identify threats, harden the network, and thwart attacker’s intentions. We formulate this problem as a path-finding optimization problem with logical constraints represented by AND and OR nodes. We propose a new Dijkstra-type algorithm that combines elements from Dijkstra’s shortest path algorithm and the critical path method. Although the path extraction problem is generally NP-hard, for the studied special case, the proposed algorithm determines the optimal attack path in polynomial time, O(nm), where n is the number of nodes and m is the number of edges in the attack graph. To our knowledge this is the first exact polynomial algorithm that can solve the path extraction problem for different attack graphs, both cycle-containing and cycle-free. Computational experiments with real and synthetic data have shown that the proposed algorithm consistently and quickly finds optimal solutions to the problem.

show abstract

Fast Algorithm for Cyber-Attack Estimation and Attack Path Extraction Using Attack Graphs with AND/OR Nodes

Levner,

Tsadikovich

2024

Algorithms

View full text Add to dashboard Cite

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Study on the Application of Graph Theory Algorithms and Attack Graphs in Cybersecurity Assessment

Cited by 1 publication

References 36 publications

Fast Algorithm for Cyber-Attack Estimation and Attack Path Extraction Using Attack Graphs with AND/OR Nodes

Fast Algorithm for Cyber-Attack Estimation and Attack Path Extraction Using Attack Graphs with AND/OR Nodes

Contact Info

Product

Resources

About