Abstract
As a model of vulnerability information, the attack graph has seen success in many automated analyses for defending computer networks against potential intrusions. On the other hand, the attack graph has long been criticized for its lack of scalability when serving as a visualization model for conveying vulnerability information to human analysts. In this paper, we propose two novel approaches to improving attack graph visualization. First, we employ recent advances in network security metrics to design metric-driven visualization techniques, which render the most critical information the most visible. Second, existing techniques usually aim at a one-size-fits-all solution, which actually renders them less effective for specific applications; hence we propose to design application-specific visualization solutions for network overview and situational awareness. We discuss the models, algorithms, implementation, and simulation results.
Acknowledgements
The authors thank the anonymous reviewers for their valuable comments. This work is partially supported by Natural Science and Engineering Research Council of Canada under Grant N01035.
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Emirkanian-Bouchard, M., Wang, L. (2017). Towards Metric-Driven, Application-Specific Visualization of Attack Graphs. In: Cuppens, F., Wang, L., Cuppens-Boulahia, N., Tawbi, N., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2016. Lecture Notes in Computer Science(), vol 10128. Springer, Cham. https://doi.org/10.1007/978-3-319-51966-1_8
DOI: https://doi.org/10.1007/978-3-319-51966-1_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-51965-4
Online ISBN: 978-3-319-51966-1
eBook Packages: Computer Science (R0)