Skip to Main content Skip to Navigation
Conference papers

AGBuilder: An AI Tool for Automated Attack Graph Building, Analysis, and Refinement

Abstract : Attack graphs are widely used for modeling attack scenarios that exploit vulnerabilities in computer systems and networked infrastructures. Essentially, an attack graph illustrates a what-if analysis, thereby, helping the network administrator to plan for potential security threats. However, current attack graph representations not only suffer from scaling issues, but also are difficult to generate. Despite efforts from the research community there are no automated tools for generating attack graphs from textual descriptions of vulnerabilities such as those from the Common Vulnerabilities and Exposures (CVE) in the National Vulnerability Database (NVD). Additionally, there is little support for incremental updates and refinements to an attack graph model. This is needed to reflect changes to an attack graph that arise because of changes to the vulnerability state of the underlying system being modeled. In this work, we present an artificial intelligence (AI) based planning tool, AGBuilder – Attack Graph Builder, for automatically generating, updating and refining attack graphs. A key contribution of AGBuilder is that it uses textual descriptions of vulnerabilities to automatically generate attack graphs. Another significant contribution is that, using AGBuilder, we describe a methodology to incrementally update attack graphs when the system changes. This aspect has not been addressed in prior research and is a crucial step for achieving resiliency in the face of evolving adversarial strategies. Finally, AGBuilder has the ability to reuse smaller attack graphs, e.g., when building a network of networks, and join them together to create larger attack graphs.
Document type :
Conference papers
Complete list of metadatas

Cited literature [29 references]  Display  Hide  Download

https://hal.inria.fr/hal-02384601
Contributor : Hal Ifip <>
Submitted on : Thursday, November 28, 2019 - 2:26:06 PM
Last modification on : Tuesday, May 26, 2020 - 12:48:04 PM
Long-term archiving on: : Saturday, February 29, 2020 - 4:39:11 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2022-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Bruhadeshwar Bezawada, Indrajit Ray, Kushagra Tiwary. AGBuilder: An AI Tool for Automated Attack Graph Building, Analysis, and Refinement. 33th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2019, Charleston, SC, United States. pp.23-42, ⟨10.1007/978-3-030-22479-0_2⟩. ⟨hal-02384601⟩

Share

Metrics

Record views

101