Security risk prioritization for logical attack graphs

Date

2008-12-22T14:40:57Z

Journal Title

Journal ISSN

Volume Title

Publisher

Kansas State University

Abstract

To prevent large networks from potential security threats, network administrators need to know in advance what components of their networks are under high security risk. One way to obtain this knowledge is via attack graphs. Various types of attack graphs based on miscellaneous techniques has been proposed. However, attack graphs can only make assertion about different paths that an attacker can take to compromise the network. This information is just half the solution in securing a particular network. Network administrators need to analyze an attack graph to be able to identify the associated risk. Provided that attack graphs can get very large in size, it would be very difficult for them to perform the task. In this thesis, I provide a security risk prioritization algorithm to rank logical attack graphs produced by MulVAL (A vulnerability analysis system) . My proposed method (called StepRank) is based on a previously published algorithm called AssetRank that generalizes over Google's PageRank algorithm. StepRank considers a forward attack graph that is a reversed version of the original MulVAL attack graph used by AssetRank. The result of the ranking algorithm is a rank value for each node that is relative to every other rank value and shows how difficult it is for an attacker to satisfy a node.

Description

Keywords

Computer Security, Network Security

Graduation Month

December

Degree

Master of Science

Department

Department of Computing and Information Sciences

Major Professor

William H. Hsu; Xinming (Simon) Ou

Date

2008

Type

Thesis

Citation