• DocumentCode
    2322583
  • Title

    A New Method to Generate Attack Graphs

  • Author

    Xie, Anming ; Chen, Guodong ; Wang, Yonggang ; Chen, Zhong ; Hu, Jianbin

  • Author_Institution
    Inst. of Software, Peking Univ., Beijing, China
  • fYear
    2009
  • fDate
    8-10 July 2009
  • Firstpage
    401
  • Lastpage
    406
  • Abstract
    To address the scalability problem in attack graph generation, we propose a novel method to generate attack graphs automatically. Our approach constructs a two-tier attack graph framework, which includes a host access graph and some sub-attack graphs. A sub-attack graph describes concrete attack scenarios from one source host to one target host, while the host access graph describes the attacker's privilege transition among hosts. Our sub-attack graphs and host access graph have remarkably smaller scales and can help network administrators to find the key hosts in attack sequences. Analysis shows that the upper bound computational cost of our model is O(N^3), which could also be completed in real time. The following experiment validates our approach.
  • Keywords
    computational complexity; computer networks; graph theory; security of data; attack graph generation; attack sequences; computational cost; host access graph; scalability problem; sub-attack graph; two-tier attack graph framework; Communication system security; Computational efficiency; Computer science; Concrete; Data security; National security; Power system security; Reliability engineering; Scalability; Upper bound; attack graphs; host access graph; network security; sub-attack graph;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Secure Software Integration and Reliability Improvement, 2009. SSIRI 2009. Third IEEE International Conference on
  • Conference_Location
    Shanghai
  • Print_ISBN
    978-0-7695-3758-0
  • Type

    conf

  • DOI
    10.1109/SSIRI.2009.32
  • Filename
    5325344