Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs
Journal of Network and Systems Management
| Hi-index | 0.00 |
In today's large complex organizational network, security is a challenging task for most of the administrators. The typical means by which an attacker breaks into a network is through a series of exploits, where each exploit in the series satisfies the pre-condition for subsequent exploits and makes a causal relationship among them. Such a series of exploits constitutes an attack path and the set of all possible attack paths form an attack graph. Present day vulnerability scanners are able to identify the vulnerabilities in isolation but there is a need for correlation among these vulnerabilities to identify overall risk of the network. In this paper we propose a novel approach by finding out an attack path consisting of logically connected exploits and extends it to an attack graph. The solution also finds out the set of root cause vulnerabilities for overall security threat while taking care the inherent time and scalability problem of attack graph generation.