Scalable attack path finding for increased security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Software vulnerabilities can be leveraged by attackers to gain control of a host. Attackers can then use the controlled hosts as stepping stones for compromising other hosts until they create a path to the critical assets. Consequently, network administrators must examine the protected network as a whole rather than each vulnerable host independently. To this end, various methods were suggested in order to analyze the multitude of attack paths in a given organizational network, for example, to identify the optimal attack paths. The downside of many of those methods is that they do not scale well to medium-large networks with hundreds or thousands of hosts. We suggest using graph reduction techniques in order to simplify the task of searching and eliminating optimal attacker paths. Results on an attack graph extracted from a network of a real organization with more than 300 hosts and 2400 vulnerabilities show that using the proposed graph reductions can improve the search time by a factor of 4 while maintaining the quality of the results.

Original language: English
Title of host publication: Cyber Security Cryptography and Machine Learning - 1st International Conference, CSCML 2017, Proceedings
Editors: Shlomi Dolev, Sachin Lodha
Publisher: Springer Verlag
Pages: 234-249
Number of pages: 16
ISBN (Electronic): 978-3-319-60080-2
ISBN (Print): 9783319600796
State: Published - 2 Jun 2017
Event: 1st International Conference on Cyber Security Cryptography and Machine Learning, CSCML 2017 - Beer-Sheva, Israel
Duration: 29 Jun 2017 → 30 Jun 2017

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 10332 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 1st International Conference on Cyber Security Cryptography and Machine Learning, CSCML 2017
Country/Territory: Israel
City: Beer-Sheva
Period: 29/06/17 → 30/06/17

Keywords

  • Attack graphs
  • Attack models
  • Graph reduction
  • Network security
  • Planning

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
