• Corpus ID: 15404445

Network Security Evaluation through Attack Graph Generation

  title={Network Security Evaluation through Attack Graph Generation},
  author={Zhang Lufeng and Tang Hong and Cui Yi-ming and E ZhangJianBo}
task for most of the administrators. The typical means by which an attacker breaks into a network is through a series of exploits, where each exploit in the series satisfies the precondition for subsequent exploits and makes a causal relationship among them. Such a series of exploits constitutes an attack path and the set of all possible attack paths form an attack graph. Even the well administered networks are susceptible to such attacks as present day vulnerability scanners are only able to… 

Figures and Tables from this paper

A Review of Network Security Metrics
Attack graphs are a valuable tool to network administrators, describing paths which can be used by an attacker to gain access to a targeted network and network administrator can focus their efforts on correcting the vulnerabilities and configuration errors that allow the attackers exploiting these vulnerabilities.
A new perspective of network vulnerability analysis using Network Security Gradient
The concept of Network Security Gradient (NSG) is proposed to reflect the direction of the network attack and the hierarchy of defense, and the Gradient Attack Assumption (GAA) to constraint the process of attack graph generation for the purpose of avoiding CAPs.
N + 1 Decision Trees For Attack Graph
  • Computer Science
A novel way to draw an Attack Graph is introduced, by using Decision Tree to preprocessing the vulnerabilities information collecting from government institution using NESSUS tool.
A test of attack graph-based evaluation of IT-security
To assess the accuracy and correctness of attack graphs I have studied several different attack graphs and their attributes and found out if attack graphs can successful ...
Web Security and Log Management: An Application Centric Perspective
Risks that affect web applications are discussed, and how network-centric and host-centric techniques, as much as they are crucial in an enterprise, lack necessary depth to comprehensively analyze overall application security.
Evolving Gaming Strategies for Attacker-Defender in a Simulated Network Environment
A memory-based multi-objective evolutionary algorithm (MOEA) is implemented in AG framework to generate action strategies, and experiments are performed in a simulated network to demonstrate that the proposed MOEA approach performs better than existing AG implementations.
Using gaming strategies for attacker and defender in recommender systems
In this paper, an approach to generating gaming strategies for the attacker and defender in a recommender system is highlighted and attack graphs, use cases, and misuses cases are defined in this gaming framework to analyze the vulnerabilities and security measures incorporated in aRecommender system.


Scalable, graph-based network vulnerability analysis
This paper revisits the idea of attack graphs themselves, and argues that they represent more information explicitly than is necessary for the analyst, and proposes a more compact and scalable representation.
Attack Graph Generation with Implementation in Network Security
The experiment validates the prototype of generating tools of network attack graph and builds the model of network security states, and the generating algorithm of attack graph is implemented.
Using model checking to analyze network vulnerabilities
This work addresses the network vulnerabilities problem with test cases, which amount to attack scenarios, generated by a model checker, and encodes the vulnerabilities in a state machine description suitable for a modelChecker and asserts that an attacker cannot acquire a given privilege on a given host.
Automated generation and analysis of attack graphs
This paper presents an automated technique for generating and analyzing attack graphs, based on symbolic model checking algorithms, letting us construct attack graphs automatically and efficiently.
Representing TCP/IP connectivity for topological analysis of network security
A modem of network connectivity at multiple levels of the TCP/IP stack appropriate for use in a model checker is presented and it is possible to represent realistic networks including common network security devices such as firewalls, filtering routers, and switches.
Scenario graphs and attack graphs
This work develops formal techniques that give users flexibility in examining design errors discovered by automated analysis, and defines and analyze attack graphs, an application of scenario graphs to represent ways in which intruders attack computer networks.
Survivable Network Analysis Method
The four-step SNA method guides stakeholders through an analysis process intended to improve system survivability when a system is threatened, and focuses on preservation of essential system services that support the organizational mission.
Case Study in Survivable Network System Analysis
This case study summarizes the application and results of applying the SNA method to a subsystem of a large scale, distributed healthcare system and suggests that the method can provide significant added value for ensuring survivability of system operations.
Survivability Computation of Information Systems Based on Intrusion Scenario
A survivability quantitative analysis method for network information system based on intrusion scenario can find out the weak nodes that can be damaged by attacker and give the network administrator valuable suggestions to enhance system survivability.
A graph-based system for network-vulnerability analysis
A graph-based tool can identify the set of attack paths that have a high probability of success (or a low effort cost) for the attacker, and is used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc.