Reconciliation engine and metric for network vulnerability assessment

  • Authors:
  • Hiran V. Nath; K. Gangadharan; M. Sethumadhavan

  • Affiliations:
  • Amrita School of Engineering, Coimbatore; Amrita School of Engineering, Coimbatore; Amrita School of Engineering, Coimbatore

  • Venue:
  • Proceedings of the First International Conference on Security of Internet of Things
  • Year:
  • 2012

Quantified Score

Hi-index 0.00

Abstract

Vulnerability reconciliation is the process that analyses the output produced by one or more vulnerability scanners and provides a more succinct, high-level view of the vulnerabilities and their overall impact factor in the network. Here the attack graph method is used for predicting the various ways of penetrating a network to reach its critical assets. In particular, automated analysis of network configuration and attacker exploits provides an attack graph showing all possible paths to critical assets. The aim is to implement a reconciliation engine for identifying the various critical vulnerabilities and a metric system for identifying the overall impact of the vulnerabilities in that network. The reconciliation process is done by analysing the results obtained from different vulnerability scanners and combining them. As part of this, vulnerability tools from commercial off-the-shelf (COTS), government off-the-shelf (GOTS), and research laboratory sources were selected. The automatic extraction of vulnerability information for attack graph prediction is analysed. Vulnerability information describes what is required for a vulnerability to be exploited and what the after-effects of that exploitation are. A data structure is analysed which is able to represent the pre- and postconditions of each vulnerability. The combined risk assessment provides a readily comprehensible picture of the risk posture, assisting the analyst in the definition of an acceptable risk posture for an operational system or preliminary system design. We will find a metric value denoting the overall vulnerability of the network after analysing the critical vulnerabilities.