TY - GEN
T1 - Analysis of Complex Networks for Security Issues using Attack Graph
AU - Musa, Tanvirali
AU - Yeo, Kheng Cher
AU - Azam, Sami
AU - Shanmugam, Bharanidharan
AU - Karim, Asif
AU - Boer, Friso De
AU - Nur, Fernaz Narin
AU - Faisal, Fahad
PY - 2019
Y1 - 2019
N2 - Organizations perform security analysis for assessing network health and safe-guarding their growing networks through Vulnerability Assessments (AKA VA Scans). The output of VA scans is reports on individual hosts and its vulnerabilities, which, are of little use as the origin of the attack can't be located from these. Attack Graphs, generated without an in-depth analysis of the VA reports, are used to fill in these gaps, but only provide cursory information. This study presents an effective model of depicting the devices and the data flow that efficiently identifies the weakest nodes along with the concerned vulnerability's origin.The complexity of the attach graph using MulVal has been greatly reduced using the proposed approach of using the risk and CVSS base score as evaluation criteria. This makes it easier for the user to interpret the attack graphs and thus reduce the time taken needed to identify the attack paths and where the attack originates from.
AB - Organizations perform security analysis for assessing network health and safe-guarding their growing networks through Vulnerability Assessments (AKA VA Scans). The output of VA scans is reports on individual hosts and its vulnerabilities, which, are of little use as the origin of the attack can't be located from these. Attack Graphs, generated without an in-depth analysis of the VA reports, are used to fill in these gaps, but only provide cursory information. This study presents an effective model of depicting the devices and the data flow that efficiently identifies the weakest nodes along with the concerned vulnerability's origin.The complexity of the attach graph using MulVal has been greatly reduced using the proposed approach of using the risk and CVSS base score as evaluation criteria. This makes it easier for the user to interpret the attack graphs and thus reduce the time taken needed to identify the attack paths and where the attack originates from.
KW - Attack Graph
KW - Attack Graph Generation Tools.
KW - Network Vulnerabilities
KW - Vulnerability Assessment
UR - http://www.scopus.com/inward/record.url?scp=85072930711&partnerID=8YFLogxK
U2 - 10.1109/ICCCI.2019.8822179
DO - 10.1109/ICCCI.2019.8822179
M3 - Conference Paper published in Proceedings
VL - 1
T3 - 2019 International Conference on Computer Communication and Informatics, ICCCI 2019
SP - 1
EP - 6
BT - 2019 International Conference on Computer Communication and Informatics, ICCCI 2019
PB - IEEE, Institute of Electrical and Electronics Engineers
CY - Piscataway, NJ
T2 - 9th International Conference on Computer Communication and Informatics, ICCCI 2019
Y2 - 23 January 2019 through 25 January 2019
ER -