Skip to main content
SpringerLink
Log in

Cybersecurity: A Survey of Vulnerability Analysis and Attack Graphs

  • Conference paper
  • First Online:
Book cover Mathematics and Computing (ICMC 2018)

Part of the book series: Springer Proceedings in Mathematics & Statistics ((PROMS,volume 253))

Included in the following conference series:

Abstract

The network infrastructure is the most critical technical asset of any organization. This network architecture must be useful, efficient, and secure. However, their cybersecurity challenges are immense as the number of attacks is increasing. Consequently, there is a need to have efficient tools to assess the risks, know the vulnerabilities, and find the solutions before the attackers exploit them. The challenges remain in integrating the vulnerability analysis tools in a holistic process that cyber defenders can use to detect an intrusion and respond quickly. Attack graphs showed great importance in analyzing security. In this paper, we present a survey of raised and related topics to the field of vulnerability analysis and attack graphs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Filkins, B.: Network Security Infrastructure and Best Practices: A SANS Survey. SANS Institute, Washington (2017)

    Google Scholar 

  2. Identity Theft Resource Center: ITRC Data Breach Report (2017)

    Google Scholar 

  3. Smith, S.S.: Internet Crime Report 2016, 29920 (2016)

    Google Scholar 

  4. Hall, T., Hau, B., Penrose, M., Bevilacqua, M.: Mandiant M-Trends 2016 EMEA Edition, pp. 1–18 (2016)

    Google Scholar 

  5. Liu, Z., Li, S., He, J., Xie, D., Deng, Z.: Complex network security analysis based on attack graph model. In: 2012 Second International Conference on Instrumentation, Measurement, Computer, Communication and Control, pp. 183–186 (2012)

    Google Scholar 

  6. Sheyner, O., Wing, J.: Tools for generating and analyzing attack graphs. In: 2nd International Symposium on Formal Methods for Components and Objects (FMCO’03), vol. 3188, pp. 344–371 (2004)

    Chapter  Google Scholar 

  7. Abraham, S., Nair, S.: A Predictive Framework for Cyber Security Analytics Using Attack Graphs, pp. 1–17 (2015)

    Article  Google Scholar 

  8. Pirolli, P., Russell, D.M.: Introduction to this special issue on sensemaking. Hum.-Comput. Interact. 26, 1–8 (2011)

    Article  Google Scholar 

  9. Seuwou, P., Banissi, E., Ubakanma, G., Sharif, M.S., Healey, A.: Actor-network theory as a framework to analyse technology acceptance model’s external variables: the case of autonomous vehicles. Commun. Comput. Inf. Sci. 630, 305–320 (2016)

    Google Scholar 

  10. Singhal, A., Ou, X.: Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs, pp. 1–22 (2011). https://doi.org/10.6028/nist.ir.7788

  11. Stevens-Adams, S., Carbajal, A., Silva, A., Nauer, K., Anderson, B., Reed, T., Forsythe, C.: Enhanced Training for Cyber Situational Awareness. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (LNAI), vol. 8027, pp. 90–99 (2013)

    Chapter  Google Scholar 

  12. Jajodia, S., Peng, L., Swarup, V., Wang, C.: Cyber Situational Awareness Testing, vol. 2016, pp. 209–233. Springer (2016)

    Google Scholar 

  13. Wang, C., Du, N., Yang, H.: Generation and analysis of attack graphs. Procedia Eng. 29, 4053–4057 (2012)

    Article  Google Scholar 

  14. Wang, X., Liao, Y.: A replication detection scheme for sensor networks. Procedia Eng. 29, 21–26 (2012)

    Article  Google Scholar 

  15. Yang, J., Liang, L., Yang, Y. and Zhu, G.: A hierarchical network security risk assessment method based on vulnerability attack link generated. In: 2012 4th International Symposium on Information Science and Engineering (ISISE 2012), vol. 1, pp. 113–118 (2012)

    Google Scholar 

  16. Ye, Y., Xu, X.S., Qi, Z.C.: A probabilistic computing approach of attack graph-based nodes in large-scale network. Procedia Environ. Sci. 10, 3–8 (2011)

    Article  Google Scholar 

  17. Pino, R.E.: Cybersecurity Systems for Human Cognition Augmentation. Springer, New York (2014)

    Book  Google Scholar 

  18. Homer, J., Ou, X., Schmidt, D.: A sound and practical approach to quantifying security risk in enterprise networks. Technical Report, pp. 1–15. Kansas State University (2009)

    Google Scholar 

  19. Hamid, R.S., Yasser, G., Rasool, J.: Topological analysis of multi-phase attacks using expert systems. J. Inf. Sci. Eng. 767, 743–767 (2008)

    MathSciNet  Google Scholar 

  20. Noel, S., Jajodia, S.: Understanding complex network attack graphs through clustered adjacency matrices. Proceedings-Annual Computer Security Applications Conference (ACSAC) 2005, 160–169 (2005)

    Article  Google Scholar 

  21. Lippmann, R.P., Ingols, K.W.: An annotated review of past papers on attack graphs. No. PR-IA-1 (2005)

    Google Scholar 

  22. Artz, M.L.: NetSPA: a network security planning architecture. Netw. Secur. 2001, 1–97 (2002)

    Google Scholar 

  23. Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: a logic-based network security analyzer. In: Proceedings of the 14th conference on USENIX Security Symposium, vol. 14 (2005)

    Google Scholar 

  24. Oltsik, J.: Integrated Network Security Architecture: Threat-Focused Next-generation Firewall. The Enterprise Strategy Group, Inc. (2014)

    Google Scholar 

  25. Mell, P., Harang, R.: Minimizing attack graph data structures. In: ICSEA 2015: Tenth International Conference on Software Engineering Advances. Barcelona (2015)

    Google Scholar 

  26. Bacic, E., Froh, M., Henderson, G.: Mulval extensions for dynamic asset protection (2006)

    Google Scholar 

  27. Frigault, M., Wang, L.: Measuring network security using bayesian network-based attack graphs. In: Proceedings—International Computer Software and Applications Conference, pp. 698–703 (2008)

    Google Scholar 

  28. Kaynar, K.: A taxonomy for attack graph generation and usage in network security. J. Inf. Secur. Appl. 29, 27–56 (2016)

    Google Scholar 

  29. Long, X., Wu, X.: Motion segmentation based on edge detection. Procedia Eng. 29, 74–78 (2012)

    Article  Google Scholar 

  30. Ma, J.C., Wang, Y.J., Sun, J.Y., Chen, S.: A minimum cost of network hardening model based on attack graphs. Procedia Eng. 15, 3227–3233 (2011)

    Article  Google Scholar 

  31. Mourad, A., Soeanu, A., Laverdière, M.A., Debbabi, M.: New aspect-oriented constructs for security hardening concerns. Comput. Secur. 28, 341–358 (2009)

    Article  Google Scholar 

  32. Ou, X., Govindavajhala, S., Appel, A.W: Policy-based multihost multistage vulnerability analysis (2005)

    Google Scholar 

  33. Dimitrios, P., Sarandis, M., Christos, D.: Expanding topological vulnerability analysis to intrusion detection through the incident response intelligence system. Inf. Manage. Comput. Secur. 4 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics, 4000 Central Florida Blvd., Orlando, FL, 32816, USA

    Rachid Ait Maalem Lahcen & Ram Mohapatra

  2. Department of Mathematics, Birla Institute of Technology and Science-Pilani, Hyderabad Campus, Hyderabad, 500078, Telangana, India

    Manish Kumar

Authors
  1. Rachid Ait Maalem Lahcen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ram Mohapatra
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Manish Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ram Mohapatra .

Editor information

Editors and Affiliations

  1. Department of Mathematical Sciences, Indian Institute of Technology (BHU), Varanasi, Uttar Pradesh, India

    Debdas Ghosh

  2. Department of Computer Science and Engineering, Haldia Institute of Technology, Haldia, West Bengal, India

    Debasis Giri

  3. Department of Mathematics, University of Central Florida, Orlando, FL, USA

    Ram N. Mohapatra

  4. Faculty of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan

    Kouichi Sakurai

  5. Uşak University, Uşak, Turkey

    Ekrem Savas

  6. Department of Mathematical Sciences, Indian Institute of Technology (BHU), Varanasi, Uttar Pradesh, India

    Tanmoy Som

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Ait Maalem Lahcen, R., Mohapatra, R., Kumar, M. (2018). Cybersecurity: A Survey of Vulnerability Analysis and Attack Graphs. In: Ghosh, D., Giri, D., Mohapatra, R., Sakurai, K., Savas, E., Som, T. (eds) Mathematics and Computing. ICMC 2018. Springer Proceedings in Mathematics & Statistics, vol 253. Springer, Singapore. https://doi.org/10.1007/978-981-13-2095-8_9

Download citation

Publish with us

Policies and ethics

Search

Navigation