USING BINARY PARTICLE SWARM OPTIMIZATION FOR MINIMIZATION ANALYSIS OF LARGE-SCALE NETWORK ATTACK GRAPHS

The aim of the minimization analysis of network attack graphs (NAGs) is to find a minimum critical set of exploits so that by preventing them an intruder cannot reach his goal using any attack scenario. This problem is, in fact, a constrained optimization problem. In this paper, a binary particle swarm optimization algorithm, called SwarmNAG, is presented for the minimization analysis of large-scale network attack graphs. A penalty function method with a time-varying penalty coefficient is used to convert the constrained optimization problem into an unconstrained problem. Also, a time-varying velocity clamping, a greedy mutation operator and a local search heuristic are used to improve the overall performance of the algorithm. The performance of the SwarmNAG is compared with that of an approximation algorithm for the minimization analysis of several large-scale network attack graphs. The results of the experiments show that the SwarmNAG outperforms the approximation algorithm and finds a critical set of exploits with less cardinality.
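The following sketch is an added example, not SwarmNAG's own code: it shows a binary particle swarm with a time-varying penalty, time-varying velocity clamping and a local search choosing which exploits to block. Assumptions not taken from the paper: each attack scenario is modelled as the set of exploit ids it needs, the sample scenarios are constructed, the sigmoid bit update, the linear schedules and all coefficients are illustrative, the local search is a greedy repair followed by pruning, and the greedy mutation operator is omitted.

```python
import math, random

# Constructed sample: each attack scenario is the set of exploit ids it needs.
SCENARIOS = [{0, 1, 2}, {1, 3}, {2, 4}, {0, 3, 5}, {4, 5}, {1, 4, 6}]
N_EXPLOITS = 7

def uncovered(bits, scenarios):
    """Scenarios the intruder can still use (none of their exploits is blocked)."""
    return [s for s in scenarios if not any(bits[e] for e in s)]

def local_search(bits, scenarios):
    """Assumed heuristic: greedy repair to feasibility, then drop redundant exploits."""
    bits = list(bits)
    while (left := uncovered(bits, scenarios)):
        best = max(range(len(bits)), key=lambda e: sum(e in s for s in left))
        bits[best] = 1
    for e in range(len(bits)):
        if bits[e]:
            bits[e] = 0
            if uncovered(bits, scenarios):
                bits[e] = 1          # e is needed, put it back
    return bits

def swarm_min_critical_set(scenarios, n, particles=20, iters=60, seed=1):
    """Return a critical set of exploit ids that blocks every scenario."""
    rng = random.Random(seed)
    X = [[rng.randint(0, 1) for _ in range(n)] for _ in range(particles)]
    V = [[0.0] * n for _ in range(particles)]
    P = [x[:] for x in X]                      # personal bests
    g = local_search(X[0], scenarios)          # global best, always feasible
    cost = lambda b, lam: sum(b) + lam * len(uncovered(b, scenarios))
    for t in range(iters):
        frac = t / (iters - 1)
        lam = 1.0 + frac * n                   # penalty coefficient grows (assumed)
        vmax = 2.0 + 4.0 * frac                # clamp widens over time (assumed)
        for i in range(particles):
            for d in range(n):
                v = (0.7 * V[i][d] + 1.5 * rng.random() * (P[i][d] - X[i][d])
                     + 1.5 * rng.random() * (g[d] - X[i][d]))
                V[i][d] = max(-vmax, min(vmax, v))
                X[i][d] = int(rng.random() < 1 / (1 + math.exp(-V[i][d])))
            if cost(X[i], lam) < cost(P[i], lam):
                P[i] = X[i][:]
            cand = local_search(X[i], scenarios)
            if sum(cand) < sum(g):
                g = cand
    return {e for e in range(n) if g[e]}
```

The penalty term lets infeasible particles stay in the swarm early on, while the global best is only ever replaced by a repaired, feasible candidate, so the returned set always blocks every scenario.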
