Visible to the public Enhancement of probabilistic attack graphs for accurate cyber security monitoring

TitleEnhancement of probabilistic attack graphs for accurate cyber security monitoring
Publication TypeConference Paper
Year of Publication2017
AuthorsDoynikova, E., Kotenko, I.
Conference Name2017 IEEE SmartWorld, Ubiquitous Intelligence Computing, Advanced Trusted Computed, Scalable Computing Communications, Cloud Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI)
Keywordsattack actions, attack graph, attack graph generation, attack graph nodes, attack models, attack probability, attack response, automatic countermeasure selection, Bayes methods, Bayesian methods, Computational modeling, computer networks, computer security incidents, Computing Theory, cyber security monitoring, graph theory, Indexes, Metrics, Monitoring, probabilistic attack graphs, pubcrawl, security, security assessment, security metrics, security monitoring, security of data, Software, vulnerability scoring
AbstractTimely and adequate response on the computer security incidents depends on the accurate monitoring of the security situation. The paper investigates the task of refinement of the attack models in the form of attack graphs. It considers some challenges of attack graph generation and possible solutions, including: inaccuracies in specifying the pre- and postconditions of attack actions, processing of cycles in graphs to apply the Bayesian methods for attack graph analysis, mapping of incidents on attack graph nodes, and automatic countermeasure selection for the nodes under the risk. The software prototype that implements suggested solutions is briefly specified. The influence of the modifications on the security monitoring is shown on a case study, and the results of experiments are described.
Citation Keydoynikova_enhancement_2017