Strategies for Practical Hybrid Attack Graph Generation and Analysis

Digital Threats: Research and Practice Pub Date : 2021-10-15 DOI:10.1145/3491257

Ming Li, P. Hawrylak, J. Hale

{"title":"Strategies for Practical Hybrid Attack Graph Generation and Analysis","authors":"Ming Li, P. Hawrylak, J. Hale","doi":"10.1145/3491257","DOIUrl":null,"url":null,"abstract":"As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but also integrates components that operate in the continuous domain, such as sensors and actuators. Using AGs on CPSs requires that the system models and exploit patterns capture both token- and real-valued information. In this article, we describe a hybrid AG model for security analysis of CPSs and computer networks. Specifically, we focus on two issues related to applying the model in practice: efficient hybrid AG generation and techniques for information extraction from them. To address the first issue, we present an accelerated hybrid AG generator that employs parallel programming and high performance computing (HPC). We conduct performance tests on CPU and GPU platforms to characterize the efficiency of our parallel algorithms. To address the second issue, we introduce an analytical regimen based on centrality analysis and apply it to a hybrid AG generated for a target CPS system to discover effective vulnerability remediation solutions.","PeriodicalId":202552,"journal":{"name":"Digital Threats: Research and Practice","volume":"62 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Digital Threats: Research and Practice","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3491257","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but also integrates components that operate in the continuous domain, such as sensors and actuators. Using AGs on CPSs requires that the system models and exploit patterns capture both token- and real-valued information. In this article, we describe a hybrid AG model for security analysis of CPSs and computer networks. Specifically, we focus on two issues related to applying the model in practice: efficient hybrid AG generation and techniques for information extraction from them. To address the first issue, we present an accelerated hybrid AG generator that employs parallel programming and high performance computing (HPC). We conduct performance tests on CPU and GPU platforms to characterize the efficiency of our parallel algorithms. To address the second issue, we introduce an analytical regimen based on centrality analysis and apply it to a hybrid AG generated for a target CPS system to discover effective vulnerability remediation solutions.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

实用混合攻击图生成与分析策略

攻击图作为一种网络安全分析工具，能够发现目标计算机网络上的多阶段攻击向量。信息物理系统(cps)包括一种特殊类型的网络，它不仅包含计算设备，还集成了在连续域中运行的组件，如传感器和执行器。在cps上使用AGs需要系统模型和利用模式捕获令牌值和实值信息。在本文中，我们描述了一个用于cps和计算机网络安全分析的混合AG模型。具体来说，我们重点研究了与该模型在实践中的应用相关的两个问题:高效的混合AG生成和从中提取信息的技术。为了解决第一个问题，我们提出了一种采用并行编程和高性能计算(HPC)的加速混合AG生成器。我们在CPU和GPU平台上进行了性能测试，以表征我们并行算法的效率。为了解决第二个问题，我们引入了一种基于中心性分析的分析方案，并将其应用于为目标CPS系统生成的混合AG，以发现有效的漏洞修复解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Digital Threats: Research and Practice

自引率

0.00%

发文量