Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Representing TCP/IP Connectivity For Topological Analysis of Network Security
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Using Model Checking to Analyze Network Vulnerabilities
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Scenario graphs and attack graphs
Scenario graphs and attack graphs
A weakest-adversary security metric for network configuration security analysis
Proceedings of the 2nd ACM workshop on Quality of protection
Common Vulnerability Scoring System
IEEE Security and Privacy
A short convergence proof for a class of ant colony optimizationalgorithms
IEEE Transactions on Evolutionary Computation
Hi-index | 0.00 |
Attack graph is a tool to analyze multi-stage, multi-host attack scenarios in a network. Each attack scenario is depicted by an attack path which is essentially a series of exploits with a severity score that presents a comparative desirability of a particular network service. In an attack graph with a large number of attack paths, it may not be feasible for the administrator to plug all the vulnerabilities. Moreover, in a dynamic environment where the severity of an exploit changes with time, a framework is required that detects an optimal attack path or most favored path from a given attack graph in an environment. This paper proposes a framework for finding out an optimal attack path using Ant Colony Optimization (ACO) technique under a dynamic environment. Given an attack graph and the severity scores of the exploits, an optimal attack path is detected using customized ACO algorithms. A case study has been presented to demonstrate the efficacy of the proposed methodology.