DOI: 10.1145/1128817.1128822

Attack graph generation and analysis

Published: 21 March 2006

Abstract

Attack graphs represent the ways in which an adversary can exploit vulnerabilities to break into a system. System administrators analyze these attack graphs to understand where their system's weaknesses lie and to help decide which security measures will be effective to deploy. In practice, attack graphs are produced manually by Red Teams. Construction by hand, however, is tedious, error-prone, and impractical for attack graphs larger than a hundred nodes. In this talk I present a technique, based on model checking, for generating attack graphs automatically. I also describe different analyses that system administrators can perform in trading off one security measure for another or in using attack graphs in intrusion detection. Work on generating attack graphs is joint with Somesh Jha and Oleg Sheyner; on analyzing them, joint with Oleg Sheyner and Oren Dobzinski.


Published In

ASIACCS '06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security
March 2006
384 pages
ISBN:1595932720
DOI:10.1145/1128817

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. attack graphs
  2. intrusion detection
  3. minimization analysis
  4. model checking


Conference

Asia CCS06

Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%
