Attack Graph Based Evaluation of Network Security

Abstract. The perspective directions in evaluating network security are simu-lating possible malefactor’s actions, building the representation of these actions as attack graphs (trees, nets), the subsequent checking of various properties of these graphs, and determining security metrics which can explain possible ways to increase security level. The paper suggests a new approach to security evaluation based on comprehensive simulation of malefactor’s actions, con-struction of attack graphs and computation of different security metrics. The approach is intended for using both at design and exploitation stages of com-puter networks. The implemented software system is described, and the exam-ples of experiments for analysis of network security level are considered

Using Strategy Objectives for Network Security Analysis

Abstract. The anticipation game framework is an extension of attack graphs based on game theory. It is used to anticipate and analyze intruder and administrator concurrent interactions with the network. Like attack-graph-based model checking, the goal of an anticipation game is to prove that a safety property holds. However using this kind of goal is tedious and error prone on large networks because it assumes that the analyst has prior and complete knowledge of critical network services. In this paper we address this issue by introducing a new kind of goal called “strategy objectives”. Strategy objectives mixes logical constraints and numerical ones. In order to achieve these strategy objectives, we have extended the anticipation games framework with cost and reward. Additionally this extension allows us to take into account the financial dimension of attacks during the analysis. We prove that finding the optimal strategy is decidable and only requires linear space. Finally we show that anticipation games with strategy objectives can be used in practice even on large networks by evaluating the performance of our prototype.