Analytical Approach to Attack Graph Analysis for Network Security

An attack graph increasingly plays an important role in network security. It shows possible paths of actions consisting of the network vulnerability exploits that can lead to security breaches. Because most attack graphs are very large and complex, much research has focused on how these graphs can be automatically and efficiently generated. However, little has been done on attack graph analysis, namely how we can use attack graphs to better protect the network. This paper addresses the latter issue. We present a suit of systematic approaches to statically analyzing attack graphs by means of reasoning mechanisms based on logical expressions and conditional preference networks. The proposed approaches are general and theoretically grounded. The paper describes the approaches in details. We show how the resulting analysis can help derive many useful decisions. For example, it can assist a security administrator in selecting most cost-effective countermeasures, based on his preference criteria, to improve the security flaws found in the attack graph. For understandability, we illustrate our approach by presenting a study of a simple and small but realistic case scenario.