Automatic Construction and Optimization of Layered Network Attack Graph

Wang, Yonggang; Gui, Nike; Hu, Jianbin; Chen, Zhong

doi:10.1007/978-90-481-3662-9_22

Yonggang Wang⁴,
Nike Gui⁴,
Jianbin Hu⁴ &
…
Zhong Chen⁴

1386 Accesses

Abstract

For solving scalability problem of Network Attack Graph(NAG), this paper presents a new method for network modeling based on layered NAG. Layered NAG includes “attack subgraph” and “attack supergraph”. The attack subgraph describes specific attack scenarios from the source host to the destination host and efficiently produces the attack planning after eliminating redundant paths and nodes. The attack supergraph describes the attacker’s privilege transition to allow the network administrator to evaluate the vulnerabilities of the network.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Hardcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

P. Ammann, J. Pamula, and R.Ritchey, “A Host– Based Approach to Network Attack Chaining Analysis”, Proceedings of the 21st Annual Computer Security Applications Conference 2005.
Google Scholar
R. Ritchey, B. O’Berry, and S. Noel, “Representing TCP/IP Connectivity for Topological Analysis of Network Security”, Proceedings of the 18th Annual Computer Security Applications Conference, 2002, pp. 25-31.
Google Scholar
O. Sheyner, “Scenario graphs and attack graphs”, PhD Thesis, School of Computer Science Carnegie Mellon University, 2004.
Google Scholar
L. Swiler, C. Phillips, D. Ellis, and S. Chakerian, “Computer-attack graph generation tool”, Proceedings of DARPA Information Survivability Conference & Exposition II, June 2001, pp. 307-321.
Google Scholar
P. Ammann, D. Wijesekera, and S. Kaushik, “Scalable graph-based vulnerability analysis”, Proceedings of the 9th ACM Conference on Computer and Communications Security, 2002, pp. 217-224.
Google Scholar

Download references

Author information

Authors and Affiliations

Network and Information Security Lab, Peking University, Beijing, 100871, China
Yonggang Wang, Nike Gui, Jianbin Hu & Zhong Chen

Authors

Yonggang Wang
View author publications
You can also search for this author in PubMed Google Scholar
Nike Gui
View author publications
You can also search for this author in PubMed Google Scholar
Jianbin Hu
View author publications
You can also search for this author in PubMed Google Scholar
Zhong Chen
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Yonggang Wang , Nike Gui , Jianbin Hu or Zhong Chen .

Editor information

Editors and Affiliations

School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA
Tarek Sobh
School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA
Khaled Elleithy
School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, USA
Ausif Mahmood

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Wang, Y., Gui, N., Hu, J., Chen, Z. (2010). Automatic Construction and Optimization of Layered Network Attack Graph. In: Sobh, T., Elleithy, K., Mahmood, A. (eds) Novel Algorithms and Techniques in Telecommunications and Networking. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-3662-9_22

Download citation

DOI: https://doi.org/10.1007/978-90-481-3662-9_22
Published: 12 December 2009
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-3661-2
Online ISBN: 978-90-481-3662-9
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics