short-paper

Introducing priority into hybrid attack graphs

Authors:

W. Nichols,

P. Hawrylak,

J. Hale,

M. PapaAuthors Info & Claims

CISRC '17: Proceedings of the 12th Annual Conference on Cyber and Information Security Research

Article No.: 12, Pages 1 - 4

https://doi.org/10.1145/3064814.3064826

Published: 04 April 2017 Publication History

Get Access

Abstract

With the cybersecurity of critical infrastructures becoming increasingly significant, methods for testing the security of cyber-physical systems are still under development. One promising method is hybrid attack graph (HAG) analysis. HAGs extend attack graphs to model the hybrid behavior of cyber-physical systems (CPSs). Generating these graphs is computationally intensive, as the system state space is enormous, yet many states may not be physically realizable. This paper introduces the concept of priorities to hybrid attack graphs, which is designed to reduce state explosion while preserving all relevant attack paths. While designed for hybrid attack graphs, priorities can be applied to traditional attack graphs as well.

References

[1]

X. Ou, W. F. Boyer and M. A. McQueen, "A Scalable Approach to Attack Graph Generation," in Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, Virginia, 2006.

Digital Library

Google Scholar

[2]

L. P. R. and K. W. Ingols, " An Annotated Review of Past Papers on Attack Graphs," Massachusetts Institute of Technology Lexington Lincon Lab, 2005.

Google Scholar

[3]

S. Zonouz, K. M. Rogers, R. Berthier, R. B. Bobba, W. H. Sanders and T. J. Overbye, "SCPSE: Security-Oriented Cyber-Physical State Estimation for Power Grid Critical Infrastructures," IEEE Transactions on Smart Grid, vol. 3, no. 4, pp. 1790--1799, 2012.

Crossref

Google Scholar

[4]

P. Ammann, D. Wijesekera and S. Kaushik, "Scalable, Graph-Based Network Vulnerability Analysis," in Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington D.C., 2002.

Digital Library

Google Scholar

[5]

V. Rafe, M. Rahmani and K. Rashidi, "A Survey on Coping with the State Space Explosion Problem in Model Checking," International Research Journal of Applied and Basic Sciences, vol. 4, no. 6, pp. 1379--1384, 2013.

Google Scholar

[6]

K. Cook, T. Shaw, P. Hawrylak and J. Hale, "Scalable Attack Graph Generation," in Proceedings of the 11th Annual Cyber and Information Security Research Conference, Oak Ridge, Tennessee, 2016.

Digital Library

Google Scholar

[7]

L. Wang, T. Islam, T. Long, A. Singhal and S. Jajodia, "An Attack Graph-Based Probabilistic Security Metric," in IFIP Annual Conference on Data and Applications Security and Privacy, Berlin, Heidelberg, 2008.

Digital Library

Google Scholar

[8]

Forum of Incident Response and Security Teams, "CVSS 3.0 Specification Document," {Online}.

Google Scholar

[9]

G. Louthan, M. Haney, P. Hardwicke, P. Hawrylak and J. Hale, "Hybrid Extensions for Stateful Attack Graphs," in Proceedings of the 9th Annual Cyber and Information Security Research Conference, Oak Ridge, Tennessee, 2014.

Digital Library

Google Scholar

[10]

G. Louthan, Hybird Attack Graphs for Modelling Cyber-Physical Systems, Tulsa, OK, 2011.

Google Scholar

Cited By

View all

Ge YShen XXu BHe G(2022)A Hybrid Attack Graph Analysis Method based on Model Checking2022 Tenth International Conference on Advanced Cloud and Big Data (CBD)10.1109/CBD58033.2022.00053(258-263)Online publication date: Nov-2022
https://doi.org/10.1109/CBD58033.2022.00053
Ibrahim MAlsheikh A(2019)Automatic Hybrid Attack Graph (AHAG) Generation for Complex Engineering SystemsProcesses10.3390/pr71107877:11(787)Online publication date: 1-Nov-2019
https://doi.org/10.3390/pr7110787
West JHale JPapa MHawrylak P(2019)Automatic Identification of Critical Digital Assets2019 2nd International Conference on Data Intelligence and Security (ICDIS)10.1109/ICDIS.2019.00040(219-224)Online publication date: Jun-2019
https://doi.org/10.1109/ICDIS.2019.00040
Show More Cited By

Index Terms

Introducing priority into hybrid attack graphs
1. Computer systems organization
  1. Embedded and cyber-physical systems
2. Security and privacy
  1. Systems security
    1. Vulnerability management
      1. Vulnerability scanners

Recommendations

Hybrid extensions for stateful attack graphs
CISR '14: Proceedings of the 9th Annual Cyber and Information Security Research Conference

Critical infrastructures and safety critical systems increasingly rely on the carefully orchestrated interactions between computers, networks and kinetic elements. The dominant formalisms for modeling such hybrid systems (those with discrete and ...
CVSS Attack Graphs
SITIS '11: Proceedings of the 2011 Seventh International Conference on Signal Image Technology & Internet-Based Systems

Attack models and attack graphs are efficient tools to describe and analyse attack scenarios aimed at computer networks. More precisely, attack graphs give all possible scenarios for an attacker to reach a certain goal, exploiting vulnerabilities of the ...
Employing attack graphs for intrusion detection
NSPW '19: Proceedings of the New Security Paradigms Workshop

Intrusion detection systems are a commonly deployed defense that examines network traffic, host operations, or both to detect attacks. However, more attacks bypass IDS defenses each year, and with the sophistication of attacks increasing as well, we ...

Comments

Information & Contributors

Information

Published In

CISRC '17: Proceedings of the 12th Annual Conference on Cyber and Information Security Research

April 2017

106 pages

ISBN:9781450348553

DOI:10.1145/3064814

General Chairs:
Joseph P. Trien
Oak Ridge National Laboratory
,
Stacy J. Prowell
Oak Ridge National Laboratory
,
John R. Goodall
Oak Ridge National Laboratory
,
Justin M. Beaver
Oak Ridge National Laboratory
,
Program Chair:
Robert A. Bridges
Oak Ridge National Laboratory

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 April 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

CISRC'17

CISRC'17: Twelfth Annual Cyber and Information Security Research Conference

April 4 - 6, 2017

Tennessee, Oak Ridge, USA

Acceptance Rates

CISRC '17 Paper Acceptance Rate 8 of 22 submissions, 36%;

Overall Acceptance Rate 69 of 136 submissions, 51%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
245
Total Downloads

Downloads (Last 12 months)14
Downloads (Last 6 weeks)2

Reflects downloads up to 03 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Ge YShen XXu BHe G(2022)A Hybrid Attack Graph Analysis Method based on Model Checking2022 Tenth International Conference on Advanced Cloud and Big Data (CBD)10.1109/CBD58033.2022.00053(258-263)Online publication date: Nov-2022
https://doi.org/10.1109/CBD58033.2022.00053
Ibrahim MAlsheikh A(2019)Automatic Hybrid Attack Graph (AHAG) Generation for Complex Engineering SystemsProcesses10.3390/pr71107877:11(787)Online publication date: 1-Nov-2019
https://doi.org/10.3390/pr7110787
West JHale JPapa MHawrylak P(2019)Automatic Identification of Critical Digital Assets2019 2nd International Conference on Data Intelligence and Security (ICDIS)10.1109/ICDIS.2019.00040(219-224)Online publication date: Jun-2019
https://doi.org/10.1109/ICDIS.2019.00040
Nichols WHawrylak PHale JPapa M(2018)Methodology to Estimate Attack Graph System State from a Simulation of a Nuclear Research Reactor2018 Resilience Week (RWS)10.1109/RWEEK.2018.8473465(84-87)Online publication date: Aug-2018
https://doi.org/10.1109/RWEEK.2018.8473465
Nichols WHill ZHawrylak PHale JPapa M(2018)Automatic Generation of Attack Scripts from Attack Graphs2018 1st International Conference on Data Intelligence and Security (ICDIS)10.1109/ICDIS.2018.00050(267-274)Online publication date: Apr-2018
https://doi.org/10.1109/ICDIS.2018.00050
Hill ZNichols WPapa MHale JHawrylak P(2017)Verifying attack graphs through simulation2017 Resilience Week (RWS)10.1109/RWEEK.2017.8088649(64-67)Online publication date: Sep-2017
https://doi.org/10.1109/RWEEK.2017.8088649

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Hybrid extensions for stateful attack graphs

CVSS Attack Graphs

Employing attack graphs for intrusion detection