Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR
Proceedings of the Seventh International Symposium on Visualization for Cyber Security
k-zero day safety: measuring the security risk of networks against unknown attacks
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
An empirical study on using the national vulnerability database to predict software vulnerabilities
DEXA'11 Proceedings of the 22nd international conference on Database and expert systems applications - Volume Part I
Corporate networks security evaluation based on attack graphs
Proceedings of the 4th international conference on Security of information and networks
An agent-based model to simulate coordinated response to malware outbreak within an organisation
International Journal of Information and Computer Security
Aggregating vulnerability metrics in enterprise networks using attack graphs
Journal of Computer Security
Hi-index | 0.00 |
By accurately measuring risk for enterprise networks, attack graphs allow network defenders to understand the most critical threats and select the most effective countermeasures. This paper describes substantial enhancements to the NetSPA attack graph system required to model additional present-day threats (zero-day exploits and client-side attacks) and countermeasures (intrusion prevention systems, proxy firewalls, personal firewalls, and host-based vulnerability scans). Point-to-point reachability algorithms and structures were extensively redesigned to support "reverse" reachability computations and personal firewalls. Host-based vulnerability scans are imported and analyzed. Analysis of an operational network with 84 hosts demonstrates that client-side attacks pose a serious threat. Experiments on larger simulated networks demonstrated that NetSPA's previous excellent scaling is maintained. Less than two minutes are required to completely analyze a four-enclave simulated network with more than 40,000 hosts protected by personal firewalls.