Analysis of Complex Networks for Security Issues using Attack Graph

Tanvirali Musa, Kheng Cher Yeo, Sami Azam, Bharanidharan Shanmugam, Asif Karim, Friso De Boer, Fernaz Narin Nur, Fahad Faisal

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in ProceedingsResearchpeer-review

Abstract

Organizations perform security analysis for assessing network health and safe-guarding their growing networks through Vulnerability Assessments (AKA VA Scans). The output of VA scans is reports on individual hosts and its vulnerabilities, which, are of little use as the origin of the attack can't be located from these. Attack Graphs, generated without an in-depth analysis of the VA reports, are used to fill in these gaps, but only provide cursory information. This study presents an effective model of depicting the devices and the data flow that efficiently identifies the weakest nodes along with the concerned vulnerability's origin.The complexity of the attach graph using MulVal has been greatly reduced using the proposed approach of using the risk and CVSS base score as evaluation criteria. This makes it easier for the user to interpret the attack graphs and thus reduce the time taken needed to identify the attack paths and where the attack originates from.

Original languageEnglish
Title of host publication2019 International Conference on Computer Communication and Informatics, ICCCI 2019
PublisherIEEE, Institute of Electrical and Electronics Engineers
Number of pages6
ISBN (Electronic)9781538682593
DOIs
Publication statusPublished - 2019
Event9th International Conference on Computer Communication and Informatics, ICCCI 2019 - Coimbatore, Tamil Nadu, India
Duration: 23 Jan 201925 Jan 2019

Publication series

Name2019 International Conference on Computer Communication and Informatics, ICCCI 2019

Conference

Conference9th International Conference on Computer Communication and Informatics, ICCCI 2019
CountryIndia
CityCoimbatore, Tamil Nadu
Period23/01/1925/01/19

Fingerprint

Complex networks
Complex Networks
vulnerability
Attack
Health
Vulnerability
Graph in graph theory
Growing Networks
Security Analysis
Data Flow
health
evaluation
Security issues
Graph
Path
Output
Evaluation
Vertex of a graph

Cite this

Musa, T., Yeo, K. C., Azam, S., Shanmugam, B., Karim, A., Boer, F. D., ... Faisal, F. (2019). Analysis of Complex Networks for Security Issues using Attack Graph. In 2019 International Conference on Computer Communication and Informatics, ICCCI 2019 [8822179] (2019 International Conference on Computer Communication and Informatics, ICCCI 2019). IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ICCCI.2019.8822179
Musa, Tanvirali ; Yeo, Kheng Cher ; Azam, Sami ; Shanmugam, Bharanidharan ; Karim, Asif ; Boer, Friso De ; Nur, Fernaz Narin ; Faisal, Fahad. / Analysis of Complex Networks for Security Issues using Attack Graph. 2019 International Conference on Computer Communication and Informatics, ICCCI 2019. IEEE, Institute of Electrical and Electronics Engineers, 2019. (2019 International Conference on Computer Communication and Informatics, ICCCI 2019).
@inproceedings{be2a8e0b257c47d094329c2d83b95523,
title = "Analysis of Complex Networks for Security Issues using Attack Graph",
abstract = "Organizations perform security analysis for assessing network health and safe-guarding their growing networks through Vulnerability Assessments (AKA VA Scans). The output of VA scans is reports on individual hosts and its vulnerabilities, which, are of little use as the origin of the attack can't be located from these. Attack Graphs, generated without an in-depth analysis of the VA reports, are used to fill in these gaps, but only provide cursory information. This study presents an effective model of depicting the devices and the data flow that efficiently identifies the weakest nodes along with the concerned vulnerability's origin.The complexity of the attach graph using MulVal has been greatly reduced using the proposed approach of using the risk and CVSS base score as evaluation criteria. This makes it easier for the user to interpret the attack graphs and thus reduce the time taken needed to identify the attack paths and where the attack originates from.",
keywords = "Attack Graph, Attack Graph Generation Tools., Network Vulnerabilities, Vulnerability Assessment",
author = "Tanvirali Musa and Yeo, {Kheng Cher} and Sami Azam and Bharanidharan Shanmugam and Asif Karim and Boer, {Friso De} and Nur, {Fernaz Narin} and Fahad Faisal",
year = "2019",
doi = "10.1109/ICCCI.2019.8822179",
language = "English",
series = "2019 International Conference on Computer Communication and Informatics, ICCCI 2019",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
booktitle = "2019 International Conference on Computer Communication and Informatics, ICCCI 2019",
address = "United States",

}

Musa, T, Yeo, KC, Azam, S, Shanmugam, B, Karim, A, Boer, FD, Nur, FN & Faisal, F 2019, Analysis of Complex Networks for Security Issues using Attack Graph. in 2019 International Conference on Computer Communication and Informatics, ICCCI 2019., 8822179, 2019 International Conference on Computer Communication and Informatics, ICCCI 2019, IEEE, Institute of Electrical and Electronics Engineers, 9th International Conference on Computer Communication and Informatics, ICCCI 2019, Coimbatore, Tamil Nadu, India, 23/01/19. https://doi.org/10.1109/ICCCI.2019.8822179

Analysis of Complex Networks for Security Issues using Attack Graph. / Musa, Tanvirali; Yeo, Kheng Cher; Azam, Sami; Shanmugam, Bharanidharan; Karim, Asif; Boer, Friso De; Nur, Fernaz Narin; Faisal, Fahad.

2019 International Conference on Computer Communication and Informatics, ICCCI 2019. IEEE, Institute of Electrical and Electronics Engineers, 2019. 8822179 (2019 International Conference on Computer Communication and Informatics, ICCCI 2019).

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in ProceedingsResearchpeer-review

TY - GEN

T1 - Analysis of Complex Networks for Security Issues using Attack Graph

AU - Musa, Tanvirali

AU - Yeo, Kheng Cher

AU - Azam, Sami

AU - Shanmugam, Bharanidharan

AU - Karim, Asif

AU - Boer, Friso De

AU - Nur, Fernaz Narin

AU - Faisal, Fahad

PY - 2019

Y1 - 2019

N2 - Organizations perform security analysis for assessing network health and safe-guarding their growing networks through Vulnerability Assessments (AKA VA Scans). The output of VA scans is reports on individual hosts and its vulnerabilities, which, are of little use as the origin of the attack can't be located from these. Attack Graphs, generated without an in-depth analysis of the VA reports, are used to fill in these gaps, but only provide cursory information. This study presents an effective model of depicting the devices and the data flow that efficiently identifies the weakest nodes along with the concerned vulnerability's origin.The complexity of the attach graph using MulVal has been greatly reduced using the proposed approach of using the risk and CVSS base score as evaluation criteria. This makes it easier for the user to interpret the attack graphs and thus reduce the time taken needed to identify the attack paths and where the attack originates from.

AB - Organizations perform security analysis for assessing network health and safe-guarding their growing networks through Vulnerability Assessments (AKA VA Scans). The output of VA scans is reports on individual hosts and its vulnerabilities, which, are of little use as the origin of the attack can't be located from these. Attack Graphs, generated without an in-depth analysis of the VA reports, are used to fill in these gaps, but only provide cursory information. This study presents an effective model of depicting the devices and the data flow that efficiently identifies the weakest nodes along with the concerned vulnerability's origin.The complexity of the attach graph using MulVal has been greatly reduced using the proposed approach of using the risk and CVSS base score as evaluation criteria. This makes it easier for the user to interpret the attack graphs and thus reduce the time taken needed to identify the attack paths and where the attack originates from.

KW - Attack Graph

KW - Attack Graph Generation Tools.

KW - Network Vulnerabilities

KW - Vulnerability Assessment

UR - http://www.scopus.com/inward/record.url?scp=85072930711&partnerID=8YFLogxK

U2 - 10.1109/ICCCI.2019.8822179

DO - 10.1109/ICCCI.2019.8822179

M3 - Conference Paper published in Proceedings

T3 - 2019 International Conference on Computer Communication and Informatics, ICCCI 2019

BT - 2019 International Conference on Computer Communication and Informatics, ICCCI 2019

PB - IEEE, Institute of Electrical and Electronics Engineers

ER -

Musa T, Yeo KC, Azam S, Shanmugam B, Karim A, Boer FD et al. Analysis of Complex Networks for Security Issues using Attack Graph. In 2019 International Conference on Computer Communication and Informatics, ICCCI 2019. IEEE, Institute of Electrical and Electronics Engineers. 2019. 8822179. (2019 International Conference on Computer Communication and Informatics, ICCCI 2019). https://doi.org/10.1109/ICCCI.2019.8822179