Googling Attack Graphs

Authors
  1. Sawilla, R.
  2. Ou, X.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN); Kansas State Univ, Manhattan KS (US) Dept of Computer Science
Abstract
Attack graphs have been proposed as useful tools for analyzing security vulnerabilities in network systems. Even when they are produced efficiently, the size and complexity of attack graphs often prevent a human from fully comprehending the information conveyed. A distillation of this overwhelming amount of information is crucial to aid network administrators in efficiently allocating scarce human and financial resources. This paper introduces the AssetRank algorithm, a generalization of Google’s PageRank algorithm that ranks web pages in web graphs. AssetRank handles the semantics of dependency attack graphs and assigns a metric to the vertices, which represent network privileges and vulnerabilities, indicating their importance in attacks against the system. We give a stochastic interpretation of the computed values in the context of dependency attack graphs, and conduct experiments on various network scenarios. The results of the experiments show that the numeric ranks given by our algorithm are consistent with the intuitive importance that the privileges and vulnerabilities have to an attacker. The asset ranks can be used to prioritize countermeasures, help a human reader to better comprehend security problems, and provide input to further security analysis tools.

There is an abstract in French here.

Report Number
DRDC-OTTAWA-TM-2007-205 — Technical Memorandum
Date of publication
01 Sep 2007
Number of Pages
40
DSTKIM No
CA029797
CANDIS No
528199
Format(s):
CD ROM
