AGBuilder: An AI Tool for Automated Attack Graph Building, Analysis, and Refinement - Archive ouverte HAL Access content directly
Conference Papers Year : 2019

AGBuilder: An AI Tool for Automated Attack Graph Building, Analysis, and Refinement

(1) , (2, 3) , (2)
1
2
3

Abstract

Attack graphs are widely used for modeling attack scenarios that exploit vulnerabilities in computer systems and networked infrastructures. Essentially, an attack graph illustrates a what-if analysis, thereby, helping the network administrator to plan for potential security threats. However, current attack graph representations not only suffer from scaling issues, but also are difficult to generate. Despite efforts from the research community there are no automated tools for generating attack graphs from textual descriptions of vulnerabilities such as those from the Common Vulnerabilities and Exposures (CVE) in the National Vulnerability Database (NVD). Additionally, there is little support for incremental updates and refinements to an attack graph model. This is needed to reflect changes to an attack graph that arise because of changes to the vulnerability state of the underlying system being modeled. In this work, we present an artificial intelligence (AI) based planning tool, AGBuilder – Attack Graph Builder, for automatically generating, updating and refining attack graphs. A key contribution of AGBuilder is that it uses textual descriptions of vulnerabilities to automatically generate attack graphs. Another significant contribution is that, using AGBuilder, we describe a methodology to incrementally update attack graphs when the system changes. This aspect has not been addressed in prior research and is a crucial step for achieving resiliency in the face of evolving adversarial strategies. Finally, AGBuilder has the ability to reuse smaller attack graphs, e.g., when building a network of networks, and join them together to create larger attack graphs.
Fichier principal
Vignette du fichier
480962_1_En_2_Chapter.pdf (429.95 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-02384601 , version 1 (28-11-2019)

Licence

Attribution - CC BY 4.0

Identifiers

Cite

Bruhadeshwar Bezawada, Indrajit Ray, Kushagra Tiwary. AGBuilder: An AI Tool for Automated Attack Graph Building, Analysis, and Refinement. 33th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2019, Charleston, SC, United States. pp.23-42, ⟨10.1007/978-3-030-22479-0_2⟩. ⟨hal-02384601⟩
183 View
47 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More