# Automated generation and analysis of attack graphs

@article{Sheyner2002AutomatedGA, title={Automated generation and analysis of attack graphs}, author={Oleg Sheyner and Joshua W. Haines and Somesh Jha and Richard Lippmann and Jeannette M. Wing}, journal={Proceedings 2002 IEEE Symposium on Security and Privacy}, year={2002}, pages={273-284} }

An integral part of modeling the global view of network security is constructing attack graphs. Manual attack graph construction is tedious, error-prone, and impractical for attack graphs larger than a hundred nodes. In this paper we present an automated technique for generating and analyzing attack graphs. We base our technique on symbolic model checking algorithms, letting us construct attack graphs automatically and efficiently. We also describe two analyses to help decide which attacksâ€¦Â

## 1,305 Citations

Attack graph generation and analysis

- Computer ScienceASIACCS '06
- 2006

This talk presents a technique, based on model checking, for generating attack graphs automatically and describes different analyses that system administrators can perform in trading off one security measure for another or in using attack graphs in intrusion detection.

Tools for Generating and Analyzing Attack Graphs

- Computer Science, MathematicsFMCO
- 2003

This paper takes network attack models as input to attack graph tools to generate attack graphs automatically and to analyze system vulnerabilities and presents details of an example to illustrate how these models are specified and analyzed.

A scalable approach to attack graph generation

- Computer ScienceCCS '06
- 2006

This paper proposes logical attack graphs, which directly illustrate logical dependencies among attack goals and configuration information, and shows experimental evidence that the logical attack graph generation algorithm is very efficient.

Two formal analyses of attack graphs

- Computer Science, MathematicsProceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15
- 2002

This paper presents an algorithm for generating attack graphs using model checking as a subroutine, and provides a formal characterization of this problem, proving that it is polynomially equivalent to the minimum hitting set problem and presenting a greedy algorithm with provable bounds.

Minimization and Reliability Analyses of Attack Graphs

- Computer Science, Mathematics
- 2002

This paper presents a minimization technique that allows analysts to decide which minimal set of security measures would guarantee the safety of the system, and provides a formal characterization of this problem and proves that it is polynomially equivalent to the minimum hitting set problem.

Topological Analysis of Multi-phase Attacks using Expert Systems

- Computer ScienceJ. Inf. Sci. Eng.
- 2008

A general logic-based framework for modeling network configurations and topologies is presented and a number of important and wide-spread network vulnerabilities are modeled as general inference rules based on the framework definitions.

Rule-Based Topological Vulnerability Analysis

- Computer ScienceMMM-ACNS
- 2005

This paper represents individual attacks as the transition rules of a rule-based system and considers arbitrary nonmonotonic rulesets and presents a series of optimizations which permit to perform vulnerability assessment efficiently in most practical cases.

Scalable Attack Representation Model Using Logic Reduction Techniques

- Computer Science2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
- 2013

Two logic reduction techniques are proposed to automate the ATs construction and to reduce the size of the AT, and the computational complexity is calculated.

Ranking Attack Graphs

- Computer Science, MathematicsRAID
- 2006

This work proposes two algorithms to rank states of an Attack Graph based on the probability of an attacker reaching those states, similar to the PageRank algorithm used by Google to measure importance of web pages on the World Wide Web.

## References

SHOWING 1-10 OF 28 REFERENCES

Computer-attack graph generation tool

- Computer ScienceProceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01
- 2001

The status of the tool is presented and implementation issues are discussed, especially focusing on the data input needs and methods for eliminating redundant paths and nodes in the graph.

Minimization and Reliability Analyses of Attack Graphs

- Computer Science, Mathematics
- 2002

This paper presents a minimization technique that allows analysts to decide which minimal set of security measures would guarantee the safety of the system, and provides a formal characterization of this problem and proves that it is polynomially equivalent to the minimum hitting set problem.

A requires/provides model for computer attacks

- Computer ScienceNSPW '00
- 2001

A flexible extensible model for computer attacks, a language for specifying the model, and how it can be used in security applications such as vulnerability analysis, intrusion detection and attack generation are described.

Using model checking to analyze network vulnerabilities

- Computer ScienceProceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000
- 2000

This work addresses the network vulnerabilities problem with test cases, which amount to attack scenarios, generated by a model checker, and encodes the vulnerabilities in a state machine description suitable for a modelChecker and asserts that an attacker cannot acquire a given privilege on a given host.

LAMBDA: A Language to Model a Database for Detection of Attacks

- Computer ScienceRecent Advances in Intrusion Detection
- 2000

This article presents an attack description language that is based on logic and uses a declarative approach and the various steps of the attack process are associated to events, which may be combined using specific algebraic operators.

Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security

- Computer ScienceIEEE Trans. Software Eng.
- 1999

Quantitative measures that estimate the effort an attacker might expend to exploit these vulnerabilities to defeat the system security objectives are proposed and a set of tools has been developed to compute such measures and used in an experiment to monitor a large real system for nearly two years.

NetSTAT: A Network-based Intrusion Detection System

- Computer ScienceJ. Comput. Secur.
- 1999

This paper presents a new approach that applies the State Transition Analysis Technique (STAT) to network intrusion detection, able to determine which network events have to be monitored and where they can be monitored, providing automatic support for configuration and placement of intrusion detection components.

Model Checking

- Computer Science
- 2000

Model checking is applied concurrently with system design, and particularly in its early stages when systems are modelled at a high level of abstraction, because the payoff of finding bugs at that stage is highest whereas the costs are low.

Survivability analysis of networked systems

- Computer ScienceProceedings of the 23rd International Conference on Software Engineering. ICSE 2001
- 2001

This work presents a systematic method for performing survivability analysis of networked systems, where an architect injects failure and intrusion events into a system model and then visualizes the effects of the injected events in the form of scenario graphs.