Bayesian Attack Graphs for Security Risk Assessment
نویسندگان
چکیده
Attack graphs offer a powerful framework for security risk assessment. They provide a compact representation of the attack paths that an attacker can follow to compromise network resources from the analysis of the network topology and vulnerabilities. The uncertainty about the attacker’s behaviour makes Bayesian networks suitable to model attack graphs to perform static and dynamic security risk assessment. Thus, whilst static analysis of attack graphs considers the security posture at rest, dynamic analysis accounts for evidence of compromise at run-time, helping system administrators to react against potential threats. In this paper, we introduce a Bayesian attack graph model that allows to estimate the probabilities of an attacker compromising different resources of the network. We show how exact and approximate inference techniques can be efficiently applied on Bayesian attack graph models with
منابع مشابه
Bayesian Attack Model for Dynamic Risk Assessment
Because of the threat of advanced multi-step attacks, it is often difficult for security operators to completely cover all vulnerabilities when deploying remediations. Deploying sensors to monitor attacks exploiting residual vulnerabilities is not sufficient and new tools are needed to assess the risk associated to the security events produced by these sensors. Although attack graphs were propo...
متن کاملExact Inference Techniques for the Dynamic Analysis of Attack Graphs
Attack graphs are a powerful tool for security risk assessment by analysing network vulnerabilities and the paths attackers can use to compromise valuable network resources. The uncertainty about the attacker’s behaviour and capabilities make Bayesian networks suitable to model attack graphs to perform static and dynamic analysis. Previous approaches have focused on the formalization of traditi...
متن کاملHybrid Risk Assessment Model Based on Bayesian Networks
Because of the threat posed by advanced multi-step attacks, it is difficult for security operators to fully cover all vulnerabilities when deploying countermeasures. Deploying sensors to monitor attacks exploiting residual vulnerabilities is not sufficient and new tools are needed to assess the risk associated with the security events produced by these sensors. Although attack graphs were propo...
متن کاملGenetic Algorithm and Bayesian Attack Graph for Security Risk Analysis and Mitigation P.prakash
Risk assessment determines threats to critical resources and the corresponding loss expectancy.Bayesian network is used to model potential attack paths in a system. Knowledge of attackers and attack mechanisms are used to fetch the subset of attack paths. Security risk assessment and mitigation are two vital processes. Models such as attack graphs and attack trees are used to assess the cause-c...
متن کاملA Novel Attack Graph Posterior Inference Model Based on Bayesian Network
Network attack graphs are originally used to evaluate what the worst security state is when a concerned network is under attack. Combined with intrusion evidence such like IDS alerts, attack graphs can be further used to perform security state posterior inference (i.e. inference based on observation experience). In this area, Bayesian network is an ideal mathematic tool, however it can not be d...
متن کامل