Conceptual Abstraction of Attack Graphs - A Use Case of securiCAD

Attack graphs quickly become large and difficult to understand and survey. To ease this burden, this paper presents an approach that introduces conceptual hierarchies of attack graphs. In this approach, several attack steps are aggregated into abstract attack steps that can be given more comprehensive names. With such abstract attack graphs, it is possible to drill down, in several steps, to gain more granularity, and to move back up. The approach has been applied to the attack graphs generated by the cyber threat modeling tool securiCAD.
