|
| | | | |
| | | |
| Stat |
Members: 3645
Articles: 2'503'724
Articles rated: 2609
23 April 2024 |
|
| | | | |
|
Article overview
| |
|
|
Cyclic Bayesian Attack Graphs: A Systematic Computational Approach | | Isaac Matthews
; John Mace
; Sadegh Soudjani
; Aad van Moorsel
; | | Date: |
13 May 2020 | | Abstract: | Attack graphs are commonly used to analyse the security of medium-sized to
large networks. Based on a scan of the network and likelihood information of
vulnerabilities, attack graphs can be transformed into Bayesian Attack Graphs
(BAGs). These BAGs are used to evaluate how security controls affect a network
and how changes in topology affect security. A challenge with these
automatically generated BAGs is that cycles arise naturally, which make it
impossible to use Bayesian network theory to calculate state probabilities. In
this paper we provide a systematic approach to analyse and perform computations
over cyclic Bayesian attack graphs. %thus providing a generic approach to
handle cycles as well as unifying the theory of Bayesian attack graphs. Our
approach first formally introduces two commonly used versions of Bayesian
attack graphs and compares their expressiveness. We then present an
interpretation of Bayesian attack graphs based on combinational logic circuits,
which facilitates an intuitively attractive systematic treatment of cycles. We
prove properties of the associated logic circuit and present an algorithm that
computes state probabilities without altering the attack graphs (e.g., remove
an arc to remove a cycle). Moreover, our algorithm deals seamlessly with all
cycles without the need to identify their types. A set of experiments using
synthetically created networks demonstrates the scalability of the algorithm on
computer networks with hundreds of machines, each with multiple
vulnerabilities. | | Source: | arXiv, 2005.6350 | | Services: | Forum | Review | PDF | Favorites | |
|
|
No review found.
Did you like this article?
Note: answers to reviews or questions about the article must be posted in the forum section.
Authors are not allowed to review their own article. They can use the forum section.
browser Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
|
| |
|
|
|
|
News, job offers and information for researchers and scientists:
| |
REGISTER