Skip to main content
SpringerLink
Log in

Towards Metric-Driven, Application-Specific Visualization of Attack Graphs

  • Conference paper
  • First Online:
Foundations and Practice of Security (FPS 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10128))

Included in the following conference series:

  • 840 Accesses

Abstract

As a model of vulnerability information, attack graph has seen successes in many automated analyses for defending computer networks against potential intrusions. On the other hand, attack graph has long been criticized for the lack of scalability when serving as a visualization model for conveying vulnerability information to human analysts. In this paper, we propose two novel approaches to improving attack graph visualization. First, we employ recent advances in network security metrics to design metric-driven visualization techniques, which render the most critical information the most visible. Second, existing techniques usually aim at an one-size-fits-all solution, which actually renders them less effective for specific applications, and hence we propose to design application-specific visualization solutions for network overview and situational awareness. We discuss the models, algorithms, implementation, and simulation results.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 217–224. ACM (2002)

    Google Scholar 

  2. Anderson, J.W.: Hyperbolic Geometry. Springer, New York (2007)

    Google Scholar 

  3. Belmonte, N.G.: The JavaScript InfoVis toolkit. http://www.thejit.org. Accessed 2 Mar 2013

  4. Bourke, P.: Colour ramping for data visualization. http://local.wasp.uwa.edu.au/pbourke/texture_colour/colourramp/. Accessed 18 Nov 2012

  5. Catmull, E., Rom, R.: A class of local interpolating splines. Comput. Aided Geom. Des. 74, 317–326 (1974)

    Article  Google Scholar 

  6. Chu, M., Ingols, K., Lippmann, R., Webster, S., Boyer, S.: Visualizing attack graphs, reachability, and trust relationships with navigator. In: Proceedings of the Seventh International Symposium on Visualization for Cyber Security, pp. 22–33. ACM (2010)

    Google Scholar 

  7. Ellson, J., Gansner, E., Koutsofios, L., North, S.C., Woodhull, G.: Graphviz—open source graph drawing tools. In: Mutzel, P., Jünger, M., Leipert, S. (eds.) GD 2001. LNCS, vol. 2265, pp. 483–484. Springer, Heidelberg (2002). doi:10.1007/3-540-45848-4_57

    Chapter  Google Scholar 

  8. Frigault, M., Wang, L., Singhal, A., Jajodia, S.: Measuring network security using dynamic Bayesian network. In: Proceedings of the 4th ACM workshop on Quality of protection, QoP 2008, pp. 23–30. ACM, New York (2008)

    Google Scholar 

  9. Holten, D.: Hierarchical edge bundles: visualization of adjacency relations in hierarchical data. IEEE Trans. Visual. Comput. Graph. 12, 741–748 (2006)

    Article  Google Scholar 

  10. Jarvis, R.A.: On the identification of the convex hull of a finite set of points in the plane. Inf. Process. Lett. 2(1), 18–21 (1973)

    Article  MathSciNet  MATH  Google Scholar 

  11. Johnson, B., Shneiderman, B.: Tree-maps: a space-filling approach to the visualization of hierarchical information structures. In: Proceedings of the IEEE Conference on Visualization 1991, pp. 284–291, October 1991

    Google Scholar 

  12. Krasner, G.E., Pope, S.T., et al.: A description of the model-view-controller user interface paradigm in the smalltalk-80 system. J. Object Oriented Program. 1(3), 26–49 (1988)

    Google Scholar 

  13. Lamping, J., Rao, R., Pirolli, P.: A focus+context technique based on hyperbolic geometry for visualizing large hierarchies. In: Proceedings of the SIGCHI conference on Human Factors in Computing Systems, CHI 1995, pp. 401–408. ACM Press/Addison-Wesley Publishing Co., New York (1995)

    Google Scholar 

  14. Livnat, Y., Agutter, J., Moon, S., Erbacher, R.F., Foresti, S.: A visualization paradigm for network intrusion detection, pp. 92–99 (2005)

    Google Scholar 

  15. Livnat, Y., Agutter, J., Moon, S., Foresti, S.: Visual correlation for situational awareness. In: IEEE Symposium on Information Visualization, INFOVIS 2005, pp. 95–102. IEEE (2005)

    Google Scholar 

  16. Melancon, G., Herman, I.: Circular drawings of rooted trees. In: Reports of the Centre for Mathematics and Computer Sciences (1998)

    Google Scholar 

  17. Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, pp. 109–118. ACM (2004)

    Google Scholar 

  18. Noel, S., Jajodia, S.: Understanding complex network attack graphs through clustered adjacency matrices. In: ACSAC, pp. 160–169 (2005)

    Google Scholar 

  19. Xinming, O., Govindavajhala, S., Appel, A.W.: MulVal: a logic-based network security analyzer. In: 14th USENIX Security Symposium, pp. 1–16 (2005)

    Google Scholar 

  20. Prautzsch, H., Boehm, W., Paluszny, M.: Bézier and B-Spline Techniques. Springer, New York (2002)

    Book  MATH  Google Scholar 

  21. Schiffman, M.: The common vulnerability scoring system (CVSS), November 2005

    Google Scholar 

  22. Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: 2002 Proceedings of the IEEE Symposium on Security and Privacy, pp. 273–284. IEEE (2002)

    Google Scholar 

  23. Shneiderman, B., Wattenberg, M.: Ordered treemap layouts. In: 2001 IEEE Symposium on Information Visualization, INFOVIS 2001, pp. 73–78 (2001)

    Google Scholar 

  24. Williams, L., Lippmann, R., Ingols, K.: GARNET: a graphical attack graph and reachability network evaluation tool. In: Visualization for Computer Security, pp. 44–59 (2008)

    Google Scholar 

  25. Williams, L., Lippmann, R., Ingols, K.: An interactive attack graph cascade and reachability display. In: VizSEC 2007, pp. 221–236 (2008)

    Google Scholar 

Download references

Acknowledgements

The authors thank the anonymous reviewers for their valuable comments. This work is partially supported by Natural Science and Engineering Research Council of Canada under Grant N01035.

Author information

Authors and Affiliations

  1. Concordia Institute for Information Systems Engineering, Concordia University, Montreal, Canada

    Mickael Emirkanian-Bouchard & Lingyu Wang

Authors
  1. Mickael Emirkanian-Bouchard
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lingyu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lingyu Wang .

Editor information

Editors and Affiliations

  1. Télécom Bretagne, Cesson Sévigné, France

    Frédéric Cuppens

  2. Concordia Inst for Info, Concordia University, Montreal, Québec, Canada

    Lingyu Wang

  3. Cesson-Sevigne, Télécom Bretagne, Cesson Sévigné, France

    Nora Cuppens-Boulahia

  4. Local 3950, pavillon Adrien Pouliot, Université Laval, Quebec, Québec, Canada

    Nadia Tawbi

  5. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Emirkanian-Bouchard, M., Wang, L. (2017). Towards Metric-Driven, Application-Specific Visualization of Attack Graphs. In: Cuppens, F., Wang, L., Cuppens-Boulahia, N., Tawbi, N., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2016. Lecture Notes in Computer Science(), vol 10128. Springer, Cham. https://doi.org/10.1007/978-3-319-51966-1_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-51966-1_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-51965-4

  • Online ISBN: 978-3-319-51966-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation