Scalable attack graph for risk assessment

Jehyun Lee, Heejo Leet, Hoh In

Research output: Chapter in Book/Report/Conference proceedingConference contribution

7 Citations (Scopus)

Abstract

The growth in the size of networks and the number of vulnerabilities is increasingly challenging to manage network security. Especially, difficult to manage are multi-step attacks which are attacks using one or more vulnerabilities as stepping stones. Attack graphs are widely used for analyzing multi-step attacks. However, since these graphs had large sizes, it was too expensive to work with. In this paper, we propose a mechanism to manage attack graphs using a divide and conquer approach. To enhance efficiency of risk analyzer working with attack graphs, we converted a large graph to multiple sub-graphs named risk units and provide the light-weighted graphs to the analyzers. As a result, when k order of time complexity algorithms work with an attack graph with n vertices, a division having c of overhead vertices reduces the workloads from nk to r(n+c)k And the coefficient r becomes smaller geometrically from 2-k depended on their division rounds. By this workload reduction, risk assessment processes which work with large size attack graphs become more scalable and resource practical.

Original languageEnglish
Title of host publication2009 International Conference on Information Networking, ICOIN 2009
Publication statusPublished - 2009 Dec 1
Event2009 International Conference on Information Networking, ICOIN 2009 - Chiang Mai, Thailand
Duration: 2009 Jan 212009 Jan 24

Other

Other2009 International Conference on Information Networking, ICOIN 2009
CountryThailand
CityChiang Mai
Period09/1/2109/1/24

Fingerprint

Risk assessment
Network security

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Networks and Communications
  • Hardware and Architecture

Cite this

Lee, J., Leet, H., & In, H. (2009). Scalable attack graph for risk assessment. In 2009 International Conference on Information Networking, ICOIN 2009 [4897263]

Scalable attack graph for risk assessment. / Lee, Jehyun; Leet, Heejo; In, Hoh.

2009 International Conference on Information Networking, ICOIN 2009. 2009. 4897263.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Lee, J, Leet, H & In, H 2009, Scalable attack graph for risk assessment. in 2009 International Conference on Information Networking, ICOIN 2009., 4897263, 2009 International Conference on Information Networking, ICOIN 2009, Chiang Mai, Thailand, 09/1/21.
Lee J, Leet H, In H. Scalable attack graph for risk assessment. In 2009 International Conference on Information Networking, ICOIN 2009. 2009. 4897263
Lee, Jehyun ; Leet, Heejo ; In, Hoh. / Scalable attack graph for risk assessment. 2009 International Conference on Information Networking, ICOIN 2009. 2009.
@inproceedings{45883bcbcf864d389ab3dee86baa62fa,
title = "Scalable attack graph for risk assessment",
abstract = "The growth in the size of networks and the number of vulnerabilities is increasingly challenging to manage network security. Especially, difficult to manage are multi-step attacks which are attacks using one or more vulnerabilities as stepping stones. Attack graphs are widely used for analyzing multi-step attacks. However, since these graphs had large sizes, it was too expensive to work with. In this paper, we propose a mechanism to manage attack graphs using a divide and conquer approach. To enhance efficiency of risk analyzer working with attack graphs, we converted a large graph to multiple sub-graphs named risk units and provide the light-weighted graphs to the analyzers. As a result, when k order of time complexity algorithms work with an attack graph with n vertices, a division having c of overhead vertices reduces the workloads from nk to r(n+c)k And the coefficient r becomes smaller geometrically from 2-k depended on their division rounds. By this workload reduction, risk assessment processes which work with large size attack graphs become more scalable and resource practical.",
author = "Jehyun Lee and Heejo Leet and Hoh In",
year = "2009",
month = "12",
day = "1",
language = "English",
isbn = "9788996076131",
booktitle = "2009 International Conference on Information Networking, ICOIN 2009",

}

TY - GEN

T1 - Scalable attack graph for risk assessment

AU - Lee, Jehyun

AU - Leet, Heejo

AU - In, Hoh

PY - 2009/12/1

Y1 - 2009/12/1

N2 - The growth in the size of networks and the number of vulnerabilities is increasingly challenging to manage network security. Especially, difficult to manage are multi-step attacks which are attacks using one or more vulnerabilities as stepping stones. Attack graphs are widely used for analyzing multi-step attacks. However, since these graphs had large sizes, it was too expensive to work with. In this paper, we propose a mechanism to manage attack graphs using a divide and conquer approach. To enhance efficiency of risk analyzer working with attack graphs, we converted a large graph to multiple sub-graphs named risk units and provide the light-weighted graphs to the analyzers. As a result, when k order of time complexity algorithms work with an attack graph with n vertices, a division having c of overhead vertices reduces the workloads from nk to r(n+c)k And the coefficient r becomes smaller geometrically from 2-k depended on their division rounds. By this workload reduction, risk assessment processes which work with large size attack graphs become more scalable and resource practical.

AB - The growth in the size of networks and the number of vulnerabilities is increasingly challenging to manage network security. Especially, difficult to manage are multi-step attacks which are attacks using one or more vulnerabilities as stepping stones. Attack graphs are widely used for analyzing multi-step attacks. However, since these graphs had large sizes, it was too expensive to work with. In this paper, we propose a mechanism to manage attack graphs using a divide and conquer approach. To enhance efficiency of risk analyzer working with attack graphs, we converted a large graph to multiple sub-graphs named risk units and provide the light-weighted graphs to the analyzers. As a result, when k order of time complexity algorithms work with an attack graph with n vertices, a division having c of overhead vertices reduces the workloads from nk to r(n+c)k And the coefficient r becomes smaller geometrically from 2-k depended on their division rounds. By this workload reduction, risk assessment processes which work with large size attack graphs become more scalable and resource practical.

UR - http://www.scopus.com/inward/record.url?scp=77951428960&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77951428960&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:77951428960

SN - 9788996076131

BT - 2009 International Conference on Information Networking, ICOIN 2009

ER -