Finding the minimum cut set in attack graphs using genetic algorithms

Attack graphs are useful both for displaying possible attack vectors in simple systems and as an analysis tool for more complex systems. This paper considers the latter case and how an attack graph can be used to minimize the cost of deploying countermeasures. Specifically, we develop an approach to find the minimum cut set in dependency attack graphs using a genetic algorithm (GA). The minimum cut set is a natural graph representation describing a set of security countermeasures that prevent attackers from reaching their targets. The work shows that the problem maps naturally to a binary-encoded GA and gives satisfactory results without the need to deploy problem-specific GA operators.
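The binary encoding described in the abstract can be illustrated with a small added example; this is not the paper's implementation. The AND/OR graph, the countermeasure costs, the penalty-based fitness and the GA parameters are all assumptions constructed for illustration: each bit marks whether one leaf condition is removed, and only standard operators (tournament selection, one-point crossover, bit-flip mutation) are used.

```python
import random

# Constructed dependency attack graph (assumption, not from the paper):
# leaves c1..c6 are conditions a countermeasure can remove; AND nodes need
# every input, OR nodes need any input; "goal" is the attacker's target.
GRAPH = {
    "goal": ("OR", ["r1", "r2"]),
    "r1": ("AND", ["c1", "c2"]),
    "r2": ("AND", ["c3", "m"]),
    "m": ("OR", ["r3", "r4"]),
    "r3": ("AND", ["c4", "c5"]),
    "r4": ("AND", ["c2", "c6"]),
}
COST = {"c1": 3, "c2": 2, "c3": 5, "c4": 1, "c5": 4, "c6": 2}  # constructed
LEAVES = sorted(COST)
PENALTY = 1 + sum(COST.values())  # any failing cut scores worse than any valid one

def reachable(node, removed):
    """True if the attacker can still derive `node` with `removed` leaves cut."""
    if node in COST:
        return node not in removed
    kind, inputs = GRAPH[node]
    results = (reachable(i, removed) for i in inputs)
    return all(results) if kind == "AND" else any(results)

def decode(bits):
    """Map a chromosome (one bit per leaf) to the set of removed leaves."""
    return {leaf for leaf, b in zip(LEAVES, bits) if b}

def fitness(bits):
    """Deployment cost, plus a penalty while the goal is still reachable."""
    cut = decode(bits)
    return sum(COST[c] for c in cut) + (PENALTY if reachable("goal", cut) else 0)

def min_cut_ga(pop_size=60, generations=80, p_mut=1 / 6, seed=1):
    rng = random.Random(seed)  # seeded so the run is reproducible
    pop = [[rng.randint(0, 1) for _ in LEAVES] for _ in range(pop_size)]
    for _ in range(generations):
        children = [min(pop, key=fitness)[:]]  # elitism: keep the best as-is
        while len(children) < pop_size:
            # binary tournament selection, one-point crossover, bit-flip mutation
            p1 = min(rng.sample(pop, 2), key=fitness)
            p2 = min(rng.sample(pop, 2), key=fitness)
            x = rng.randrange(1, len(LEAVES))
            child = p1[:x] + p2[x:]
            children.append([b ^ (rng.random() < p_mut) for b in child])
        pop = children
    best = min(pop, key=fitness)
    return decode(best), fitness(best)
```

On this constructed graph the cheapest cut removes `c2` and `c4`: `c2` breaks both `r1` and `r4`, and `c4` breaks `r3`, so neither route to `goal` remains.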
