Scalable, graph-based network vulnerability analysis
P Ammann, D Wijesekera, S Kaushik - … of the 9th ACM Conference on …, 2002 - dl.acm.org
Even well administered networks are vulnerable to attack. Recent work in network security
has focused on the fact that combinations of exploits are the typical means by which an …
has focused on the fact that combinations of exploits are the typical means by which an …
Time-efficient and cost-effective network hardening using attack graphs
Attack graph analysis has been established as a powerful tool for analyzing network
vulnerability. However, previous approaches to network hardening look for exact solutions …
vulnerability. However, previous approaches to network hardening look for exact solutions …
A scalable approach to attack graph generation
X Ou, WF Boyer, MA McQueen - … of the 13th ACM conference on …, 2006 - dl.acm.org
Attack graphs are important tools for analyzing security vulnerabilities in enterprise
networks. Previous work on attack graphs has not provided an account of the scalability of …
networks. Previous work on attack graphs has not provided an account of the scalability of …
A host-based approach to network attack chaining analysis
P Ammann, J Pamula, R Ritchey… - 21st Annual Computer …, 2005 - ieeexplore.ieee.org
The typical means by which an attacker breaks into a network is through a chain of exploits,
where each exploit in the chain lays the groundwork for subsequent exploits. Such a chain is …
where each exploit in the chain lays the groundwork for subsequent exploits. Such a chain is …
Toward measuring network security using attack graphs
In measuring the overall security of a network, a crucial issue is to correctly compose the
measure of individual components. Incorrect compositions may lead to misleading results …
measure of individual components. Incorrect compositions may lead to misleading results …
Aggregating vulnerability metrics in enterprise networks using attack graphs
Quantifying security risk is an important and yet difficult task in enterprise network security
management. While metrics exist for individual software vulnerabilities, there is currently no …
management. While metrics exist for individual software vulnerabilities, there is currently no …
Metrics suite for network attack graph analytics
We describe a suite of metrics for measuring network-wide cyber security risk based on a
model of multi-step attack vulnerability (attack graphs). Our metrics are grouped into families …
model of multi-step attack vulnerability (attack graphs). Our metrics are grouped into families …
Tools for generating and analyzing attack graphs
O Sheyner, J Wing - International symposium on formal methods for …, 2003 - Springer
Attack graphs depict ways in which an adversary exploits system vulnerabilities to achieve a
desired state. System administrators use attack graphs to determine how vulnerable their …
desired state. System administrators use attack graphs to determine how vulnerable their …
A graph-based network-vulnerability analysis system
LP Swiler, C Phillips, T Gaylor - 1998 - osti.gov
This report presents a graph-based approach to network vulnerability analysis. The method
is flexible, allowing analysis of attacks from both outside and inside the network. It can …
is flexible, allowing analysis of attacks from both outside and inside the network. It can …
Distributed attack graph generation
K Kaynar, F Sivrikaya - IEEE Transactions on Dependable and …, 2015 - ieeexplore.ieee.org
Attack graphs show possible paths that an attacker can use to intrude into a target network
and gain privileges through series of vulnerability exploits. The computation of attack graphs …
and gain privileges through series of vulnerability exploits. The computation of attack graphs …