DAC '96 Proceedings of the 33rd annual Design Automation Conference
Models and tools for quantitative assessment of operational security
Information systems security
A graph-based system for network-vulnerability analysis
Proceedings of the 1998 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Counterexample-Guided Abstraction Refinement
CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
Two Formal Analys s of Attack Graphs
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Managing attack graph complexity through visual hierarchical aggregation
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Optimization algorithms for the minimum-cost satisfiability problem
Optimization algorithms for the minimum-cost satisfiability problem
Refinement strategies for verification methods based on datapath abstraction
ASP-DAC '06 Proceedings of the 2006 Asia and South Pacific Design Automation Conference
Measuring the attack surfaces of two FTP daemons
Proceedings of the 2nd ACM workshop on Quality of protection
A scalable approach to attack graph generation
Proceedings of the 13th ACM conference on Computer and communications security
Practical Attack Graph Generation for Network Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Minimum-cost network hardening using attack graphs
Computer Communications
Solving the minimum-cost satisfiability problem using SAT based branch-and-bound search
Proceedings of the 2006 IEEE/ACM international conference on Computer-aided design
Finding the K shortest hyperpaths
Computers and Operations Research
Optimal security hardening using multi-objective optimization on attack tree models of networks
Proceedings of the 14th ACM conference on Computer and communications security
An Attack Graph-Based Probabilistic Security Metric
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Improving Attack Graph Visualization through Data Reduction and Attack Grouping
VizSec '08 Proceedings of the 5th international workshop on Visualization for Computer Security
Measuring Network Security Using Bayesian Network-Based Attack Graphs
COMPSAC '08 Proceedings of the 2008 32nd Annual IEEE International Computer Software and Applications Conference
Extending logical attack graphs for efficient vulnerability analysis
Proceedings of the 15th ACM conference on Computer and communications security
Declarative Infrastructure Configuration Synthesis and Debugging
Journal of Network and Systems Management
Identifying Critical Attack Assets in Dependency Attack Graphs
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Sat-solving approaches to context-aware enterprise network security management
IEEE Journal on Selected Areas in Communications - Special issue on network infrastructure configuration
TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
IEEE Transactions on Software Engineering
Zchaff2004: an efficient SAT solver
SAT'04 Proceedings of the 7th international conference on Theory and Applications of Satisfiability Testing
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Search pruning techniques in SAT-based branch-and-bound algorithms for the binate covering problem
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
| Hi-index | 0.00 |
It has long been recognized that it can be tedious and even infeasible for system administrators to figure out critical security problems residing in full attack graphs, even for small-sized enterprise networks. Therefore a trade-off between analysis accuracy and efficiency needs to be made to achieve a reasonable balance between completeness of the attack graph and its usefulness. In this paper, we provide an approach to attack graph distillation, so that the user can control the amount of information presented by sifting out the most critical portion of the full attack graph. The user can choose to see only the k most critical attack paths, based on specified severity metrics, e.g. the likelihood for an attacker to carry out certain exploit on certain machine and the chance of success. We transform an dependency attack graph into a Boolean formula and assign cost metrics to attack variables in the formula, based on the severity metrics. We then apply Minimum-Cost SAT Solving (MCSS) to find the most critical path in terms of the least cost incurred for the attacker to deploy multi-step attacks leading to certain crucial assets in the network. An iterative process inspired by Counter Example Guided Abstraction and Refinement (CEGAR) is designed to efficiently guide the MCSS to render solutions that contain a controlled number of realistic attack paths, forming a critical attack graph surface. Our method can distill critical attack graph surfaces from the full attack graphs generated for moderate-sized enterprise networks in only several minutes. Experiments on various sized network scenarios show that even for a small-sized critical attack graph surface (around 15% the size of the original full attack graph), the calculated risk metrics are good approximation of the values computed with the full attack graph, meaning the distilled critical attack graph surface is able to capture the crucial security problems in an enterprise network for further in-depth analysis.