TAG: Topological attack Graph Analysis Toll

TAG: Topological attack Graph Analysis Toll
Typ publikacji
Data dokładna
Autorzy słownie
Informacje dodatkowe

[Referat wygłoszony na: 3rd Cyber Security in Networking Conference (CSNet 2019), 23-25.10.2019 r., Quito, Ekwador]
DOI: 10.1109/CSNet47905.2019.9108979

Abstract:  Attack graphs are a relatively new – at least, from the point of view of a practical usage – method for modeling multistage cyber-attacks. They allow to understand how seemingly unrelated vulnerabilities may be combined together by an attacker to form a chain of hostile actions that enable to compromise a key resource. An attack graph is also the starting point for providing recommendations for corrective actions that would fix or mask security problems and prevent the attacks. In the paper, we propose TAG, a topological attack graph analysis tool designed to support a user in a security evaluation and countermeasure selection. TAG employs an improved version of MulVAL inference engine, estimates a security level on the basis of attack graph and attack paths scoring, and recommends remedial actions that improve the security of the analyzed system.

Keywords: attack graphs, cyber security, cyber defense, security evaluation, situational awareness

Powiązane publikacje
do góry