Concepedia

Publication | Closed Access

Measuring Security Risk of Networks Using Attack Graphs

Citations: 125

References: 3

Year: 2010

TLDR

Modern computer systems are threatened by attackers who exploit multiple vulnerabilities, and network security cannot be assessed merely by counting vulnerabilities. The study aims to assess network security by understanding how vulnerabilities combine to enable attacks. The authors construct attack‑graph models that simulate incremental penetration, propagate attack likelihoods, and score risk‑mitigation options using data from live scans and vulnerability databases. The model quantifies overall network security and enables analysis of cost‑benefit trade‑offs for security investment.

Abstract

Today’s computer systems face sophisticated attackers who combine multiple vulnerabilities to penetrate networks with devastating impact. The overall security of a network cannot be determined by simply counting the number of vulnerabilities. To accurately assess the security of networked systems, one must understand how vulnerabilities can be combined to stage an attack. We model such composition of vulnerabilities through attack graphs. By simulating incremental network penetration, and propagating attack likelihoods, we measure the overall security of a networked system. From this, we score risk mitigation options in terms of maximizing security and minimizing cost. We populate our attack graph models from live network scans and databases that have knowledge about properties such as vulnerability likelihood, impact, severity, and ease of exploitation. Our flexible model can be used to quantify overall security of networked systems, and to study cost/benefit tradeoffs for analyzing return on security investment.
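The abstract's core idea, attack likelihoods propagated through an attack graph and mitigation options scored by risk reduction against cost, is shown below as an added worked example. It is not the paper's code: the hosts, the VULN-* identifiers, the per-exploit likelihoods, the impact value and the patch costs are all constructed for illustration, and the noisy-OR combination of incoming exploits (assuming independent exploit successes) is one common choice for the propagation step, not necessarily the one the paper uses.

```python
# Added example: attack-graph likelihood propagation and mitigation scoring.
# Not the paper's code; a minimal illustration of the idea in the abstract.
from itertools import combinations

# Constructed sample attack graph. Hosts and VULN-* ids are hypothetical.
# A node is an attacker state (host:privilege); an edge is one exploit step
# with a success likelihood p in [0, 1] (for instance scaled from a
# vulnerability database's exploitability score).
EXPLOITS = [
    # (source_state, target_state, vulnerability_id, likelihood)
    ("internet",     "dmz_web:user", "VULN-A", 0.8),
    ("dmz_web:user", "dmz_web:root", "VULN-B", 0.6),
    ("dmz_web:root", "app:user",     "VULN-C", 0.5),
    ("dmz_web:user", "app:user",     "VULN-D", 0.3),
    ("app:user",     "db:root",      "VULN-E", 0.7),
]


def propagate(exploits, start, patched=frozenset()):
    """Probability that the attacker reaches each state, starting at `start`.

    Exploits whose vulnerability id is in `patched` are removed. Incoming
    exploits of a state are combined with noisy-OR (assumed independent):
    P(t) = 1 - prod(1 - P(s) * p) over every remaining exploit s -> t.
    Requires the monotonic (acyclic) attack graph and raises on a cycle.
    """
    edges = [e for e in exploits if e[2] not in patched]
    nodes = {start} | {s for s, _, _, _ in edges} | {t for _, t, _, _ in edges}
    succ = {n: [] for n in nodes}
    indeg = dict.fromkeys(nodes, 0)
    for s, t, _, p in edges:
        succ[s].append((t, p))
        indeg[t] += 1
    # Kahn's algorithm yields a topological order, so every predecessor of a
    # state is final before that state is expanded.
    order, ready = [], sorted(n for n in nodes if indeg[n] == 0)
    while ready:
        n = ready.pop()
        order.append(n)
        for t, _ in succ[n]:
            indeg[t] -= 1
            if indeg[t] == 0:
                ready.append(t)
    if len(order) != len(nodes):
        raise ValueError("attack graph has a cycle; use the acyclic form")
    prob = dict.fromkeys(nodes, 0.0)
    prob[start] = 1.0
    miss = dict.fromkeys(nodes, 1.0)  # running product of (1 - P(s) * p)
    for n in order:
        for t, p in succ[n]:
            if t == start:
                continue  # the entry point is reached by definition
            miss[t] *= 1.0 - prob[n] * p
            prob[t] = 1.0 - miss[t]
    return prob


def risk(exploits, start, goal, impact, patched=frozenset()):
    """Expected loss for one goal state: P(goal reached) * impact."""
    return propagate(exploits, start, patched).get(goal, 0.0) * impact


def rank_mitigations(exploits, start, goal, impact, costs, max_patches=2):
    """Score every patch set of up to `max_patches` vulnerabilities.

    net_benefit = (baseline risk - residual risk) - cost of the patches, so
    the best option maximizes security gained per money spent. The list is
    sorted from best to worst.
    """
    baseline = risk(exploits, start, goal, impact)
    results = []
    for k in range(1, max_patches + 1):
        for combo in combinations(sorted(costs), k):
            residual = risk(exploits, start, goal, impact, frozenset(combo))
            cost = sum(costs[v] for v in combo)
            results.append({
                "patched": set(combo),
                "residual_risk": residual,
                "cost": cost,
                "net_benefit": (baseline - residual) - cost,
            })
    return sorted(results, key=lambda r: r["net_benefit"], reverse=True)


if __name__ == "__main__":
    # Constructed patch costs, in the same units as the impact value.
    PATCH_COSTS = {"VULN-A": 5, "VULN-D": 2, "VULN-E": 20}
    for state, p in sorted(propagate(EXPLOITS, "internet").items()):
        print(f"{state:14s} P(reached) = {p:.4f}")
    for r in rank_mitigations(EXPLOITS, "internet", "db:root", 100, PATCH_COSTS):
        print(r)
```

On the constructed graph the attacker reaches `db:root` with probability 0.29568, and the ranking shows why counting vulnerabilities is not enough: patching the single entry exploit VULN-A removes the whole path at the lowest cost, while patching VULN-D alone only lowers the likelihood (a second route via VULN-B and VULN-C remains) and patching VULN-E costs far more for the same reduction as VULN-A.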
