Foundations of logic programming
Foundations of logic programming
Maintaining views incrementally
SIGMOD '93 Proceedings of the 1993 ACM SIGMOD international conference on Management of data
XSB as an efficient deductive database engine
SIGMOD '94 Proceedings of the 1994 ACM SIGMOD international conference on Management of data
Finite Differencing of Computable Expressions
ACM Transactions on Programming Languages and Systems (TOPLAS)
Incremental Context-Dependent Analysis for Language-Based Editors
ACM Transactions on Programming Languages and Systems (TOPLAS)
Adaptive functional programming
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Principles of Database and Knowledge-Base Systems: Volume II: The New Technologies
Principles of Database and Knowledge-Base Systems: Volume II: The New Technologies
Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Model-based analysis of configuration vulnerabilities
Journal of Computer Security
OLD Resolution with Tabulation
Proceedings of the Third International Conference on Logic Programming
Incremental Model Checking in the Modal Mu-Calculus
CAV '94 Proceedings of the 6th International Conference on Computer Aided Verification
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Incremental and demand-driven points-to analysis using logic programming
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Multiple Coordinated Views for Network Attack Graphs
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Understanding Complex Network Attack Graphs through Clustered Adjacency Matrices
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
A logic-programming approach to network security analysis
A logic-programming approach to network security analysis
NETRA:: seeing through access control
Proceedings of the fourth ACM workshop on Formal methods in security
A scalable approach to attack graph generation
Proceedings of the 13th ACM conference on Computer and communications security
Practical Attack Graph Generation for Network Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Minimum-cost network hardening using attack graphs
Computer Communications
MulVAL: a logic-based network security analyzer
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Security policy analysis using deductive spreadsheets
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Incremental evaluation of tabled logic programs
Incremental evaluation of tabled logic programs
Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts
Computer Communications
Validating and restoring defense in depth using attack graphs
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Interactive analysis of attack graphs using relational queries
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Incremental evaluation of tabled prolog: beyond pure logic programs
PADL'06 Proceedings of the 8th international conference on Practical Aspects of Declarative Languages
Rule-based topological vulnerability analysis
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Multi-aspect security configuration assessment
Proceedings of the 2nd ACM workshop on Assurable and usable security configuration
Effective network vulnerability assessment through model abstraction
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
Distilling critical attack graph surface iteratively through minimum-cost SAT solving
Proceedings of the 27th Annual Computer Security Applications Conference
Aggregating vulnerability metrics in enterprise networks using attack graphs
Journal of Computer Security
| Hi-index | 0.00 |
Attack graph illustrates all possible multi-stage, multi-host attacks in an enterprise network and is essential for vulnerability analysis tools. Recently, researchers have addressed the problem of scalable generation of attack graph by logical formulation of vulnerability analysis in an existing framework called MulVAL. In this paper, we take a step further to make attack graph-based vulnerability analysis useful and practical for real networks. Firstly, we extend the MulVAL framework to include more complex security policies existing in advanced operating systems. Secondly, we present an expressive view of the attack graph by including negation in the logical characterization, and we present an algorithm to generate it. Finally, we present an incremental algorithm which efficiently recomputes the attack graph in response to the changes in the inputs of the vulnerability analysis framework. This is particularly useful for mutation or "what-if" analysis, where network administrators want to view the effect of network or host parameter changes to the attack graph before pushing the changes on the network. Preliminary experiments demonstrate the effectiveness of our algorithms.