Attack Graph Generation, Visualization and Analysis: Issues and Challenges
作者: Ghanshyam S. Bopche , Babu M. Mehtre
DOI: 10.1007/978-3-662-44966-0_37
关键词:
摘要: In the current scenario, even well-administered enterprise networks are extremely susceptible to sophisticated multi-stage cyber attacks. These attacks combine multiple network vulnerabilities and use causal relationship between them in order get incremental access critical resources. Detection of such is beyond capability present day vulnerability scanners. correlated “multi-host, multi-stage” potentially much more harmful than single point/ isolated Security researchers have proposed an Attack Graph-based approach detect attack scenarios. graph a security analysis tool used extensively networked environment automate process evaluating network’s susceptibility last decade, lot research has been done area graph- generation, visualization analysis. Despite significant progress, still there issues challenges before community that needs be addressed. this paper, we tried identify important avenues
springer.com
sci-hub.st 参考文章(41)
Advances in grid and pervasive computing Lecture Notes in Computer Science. ,vol. 5529, ,(2009) , 10.1007/978-3-642-01671-4
Vaibhav Mehta, Constantinos Bartzis, Haifeng Zhu, Edmund Clarke, Jeannette Wing, Ranking Attack Graphs Lecture Notes in Computer Science. pp. 127- 144 ,(2006) , 10.1007/11856214_7
Dana Ali, Goran Kap, Statistical Analysis of Computer Network Security ,(2013)
Mridul Sankar Barik, Chandan Mazumdar, A Graph Data Model for Attack Graph Generation and Analysis International Conference on Security in Computer Networks and Distributed Systems. pp. 239- 250 ,(2014) , 10.1007/978-3-642-54525-2_22
Tao Long, Attack graph compression ,(2009)
C.R. Ramakrishnan, R. Sekar, Model-based analysis of configuration vulnerabilities Journal of Computer Security. ,vol. 10, pp. 189- 209 ,(2002) , 10.3233/JCS-2002-101-209
Lingyu Wang, Chao Yao, Anoop Singhal, Sushil Jajodia, Interactive analysis of attack graphs using relational queries Lecture Notes in Computer Science. pp. 119- 132 ,(2006) , 10.1007/11805588_9
M. Dacier, Y. Deswarte, M. Kaâniche, Models and tools for quantitative assessment of operational security information security. pp. 177- 186 ,(1996) , 10.1007/978-1-5041-2919-0_15
L. Williams, R. Lippmann, K. Ingols, An Interactive Attack Graph Cascade and Reachability Display visualization for computer security. pp. 221- 236 ,(2008) , 10.1007/978-3-540-78243-8_15
Lingyu Wang, Chao Yao, Anoop Singhal, Sushil Jajodia, Implementing interactive analysis of attack graphs using relational databases Journal of Computer Security. ,vol. 16, pp. 419- 437 ,(2008) , 10.3233/JCS-2008-0327