DOI: 10.1145/2897795.2897821
short-paper

Scalable Attack Graph Generation

Published: 05 April 2016

Abstract

Attack graphs are a powerful modeling technique with which to explore the attack surface of a system. However, they can be difficult to generate due to the exponential growth of the state space, which often makes exhaustive search impractical. This paper discusses an approach for generating large attack graphs with an emphasis on scalable generation over a distributed system. First, a serial algorithm is presented, highlighting bottlenecks and opportunities to exploit inherent concurrency in the generation process. Then a strategy to parallelize this process is presented. Finally, we discuss plans for future work to implement the parallel algorithm using a hybrid distributed/shared memory programming model on a heterogeneous compute node cluster.

Published In

CISRC '16: Proceedings of the 11th Annual Cyber and Information Security Research Conference
April 2016
150 pages
ISBN:9781450337526
DOI:10.1145/2897795
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

  • Oak Ridge National Laboratory

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Attack Graphs
  2. Attack Modeling
  3. Vulnerability Analysis

Qualifiers

  • Short-paper
  • Research
  • Refereed limited

Conference

CISRC '16

Acceptance Rates

CISRC '16 Paper Acceptance Rate 11 of 28 submissions, 39%;
Overall Acceptance Rate 69 of 136 submissions, 51%

Cited By

  • (2024) Application-Level Checkpoint/Restart for Large-Scale Attack and Compliance Graphs. SoutheastCon 2024, 10.1109/SoutheastCon52093.2024.10500065 (1450-1455). Online publication date: 15-Mar-2024
  • (2024) Survey. Computers and Security, 10.1016/j.cose.2023.103602, 137:C. Online publication date: 1-Feb-2024
  • (2023) A Workflow for Distributed and Resilient Attack Graph Generation. 2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S), 10.1109/DSN-S58398.2023.00050 (185-187). Online publication date: Jun-2023
  • (2021) Heterogeneous identity trust management method based on risk assessment. Journal of Intelligent & Fuzzy Systems, 10.3233/JIFS-189729 (1-14). Online publication date: 24-Feb-2021
  • (2020) A Cyber-Physical System Testbed for Security Experimentation. Cyber Security of Industrial Control Systems in the Future Internet Environment, 10.4018/978-1-7998-2910-2.ch009 (175-209). Online publication date: 2020
  • (2020) An Automated Security Analysis Framework and Implementation for MTD Techniques on Cloud. Information Security and Cryptology – ICISC 2019, 10.1007/978-3-030-40921-0_9 (150-164). Online publication date: 13-Feb-2020
  • (2019) Concurrency Strategies for Attack Graph Generation. 2019 2nd International Conference on Data Intelligence and Security (ICDIS), 10.1109/ICDIS.2019.00033 (174-179). Online publication date: Jun-2019
  • (2018) Secure Cyber Deception Architecture and Decoy Injection to Mitigate the Insider Threat. Symmetry, 10.3390/sym10010014, 10:1 (14). Online publication date: 2-Jan-2018
  • (2017) Introducing priority into hybrid attack graphs. Proceedings of the 12th Annual Conference on Cyber and Information Security Research, 10.1145/3064814.3064826 (1-4). Online publication date: 4-Apr-2017
