Computer-attack graph generation tool

被引:0
|
作者
Swiler, LP [1 ]
Phillips, C [1 ]
Ellis, D [1 ]
Chakerian, S [1 ]
机构
[1] Sandia Natl Labs, Albuquerque, NM 87185 USA
来源
DISCEX'01: DARPA INFORMATION SURVIVABILITY CONFERENCE & EXPOSITION II, VOL II, PROCEEDINGS | 2001年
关键词
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
This paper presents a tool for assessment of security attributes and vulnerabilities in computer networks. The tool generates attack graphs[10]. Each node in the attack graph represents a possible attack state. Edges represent a change of state caused by a single action taken by the attacker or unwitting assistant, and are weighted by some metric (such as attacker effort or time to succeed). Generation of the attack graph requires algorithms that match information about attack requirements (specified in attack templates) to information about the network configuration and assumed attacker capabilities (attacker profile). The set of near-optimal shortest paths indicates the most exploitable components of the system configuration. This paper presents the status of the tool and discusses implementation issues, especially focusing on the data input needs and methods for eliminating redundant paths and nodes in the graph.(1).
引用
收藏
页码:307 / 321
页数:15
相关论文
共 50 条
  • [31] AI planning-based approach of attack graph generation
    Chen, Feng
    Su, Jin-Shu
    Han, Wen-Bao
    [J]. Jiefangjun Ligong Daxue Xuebao/Journal of PLA University of Science and Technology (Natural Science Edition), 2008, 9 (05): : 460 - 465
  • [32] Design Procedure of Knowledge Base for Practical Attack Graph Generation
    Inokuchi, Masaki
    Ohta, Yoshinobu
    Kinoshita, Shunichi
    Yagyu, Tomohiko
    Stan, Orly
    Bitton, Ron
    Elovici, Yuval
    Shabtai, Asaf
    [J]. PROCEEDINGS OF THE 2019 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (ASIACCS '19), 2019, : 594 - 601
  • [33] Research on Automatic Generation and Analysis Technology of Network Attack Graph
    Hu, Wenhui
    Zhang, Long
    Liu, Xueyang
    Huang, Yu
    Zhang, Minghui
    Xing, Liang
    [J]. 2020 IEEE 6TH INT CONFERENCE ON BIG DATA SECURITY ON CLOUD (BIGDATASECURITY) / 6TH IEEE INT CONFERENCE ON HIGH PERFORMANCE AND SMART COMPUTING, (HPSC) / 5TH IEEE INT CONFERENCE ON INTELLIGENT DATA AND SECURITY (IDS), 2020, : 133 - 139
  • [34] An Attack Graph Generation Method Based on Heuristic Searching Strategy
    Wang, Shuo
    Tang, Guangming
    Kou, Guang
    Chao, Yong
    [J]. 2016 2ND IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND COMMUNICATIONS (ICCC), 2016, : 1180 - 1185
  • [35] Attack Hypotheses Generation Based on Threat Intelligence Knowledge Graph
    Kaiser, Florian Klaus
    Dardik, Uriel
    Elitzur, Aviad
    Zilberman, Polina
    Daniel, Nir
    Wiens, Marcus
    Schultmann, Frank
    Elovici, Yuval
    Puzis, Rami
    [J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2023, 20 (06) : 4793 - 4809
  • [36] MAGD: Minimal Attack Graph Generation Dynamically in Cyber Security
    Mohammadzad, Maryam
    Karimpour, Jaber
    Mahan, Farnaz
    [J]. COMPUTER NETWORKS, 2023, 236
  • [37] THE COMPUTER-SYSTEM GRAPH - A USEFUL TOOL IN CHEMICAL GRAPH-THEORY
    CVETKOVIC, D
    GUTMAN, I
    [J]. JOURNAL OF COMPUTATIONAL CHEMISTRY, 1986, 7 (05) : 640 - 644
  • [38] Computer network security evaluation method based on improved attack graph
    Li, Zhaocui
    Liu, Huichuan
    Wu, Chunyan
    [J]. Journal of Cyber Security Technology, 2022, 6 (04) : 201 - 215
  • [39] Study of Generating Attack Graph based on Privilege Escalation for Computer Networks
    Chen, Xiuzhen
    Li, Jianhua
    Zhang, Shaojun
    [J]. 2008 11TH IEEE SINGAPORE INTERNATIONAL CONFERENCE ON COMMUNICATION SYSTEMS (ICCS), VOLS 1-3, 2008, : 1213 - 1217
  • [40] Automatic Discovery of Attack Messages and Pre- and Post-Conditions for Attack Graph Generation
    Carvalho, Marco
    Teng, Choh Man
    [J]. PROCEEDINGS OF THE 5TH INTERNATIONAL CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2010, : 378 - 387
12345