Exploring Attack Graphs for Security Risk Assessment: A Probabilistic Approach
GAO Ni, HE Yiyue1. School of Information, Xi’an University of Finance and Economics, Xi’an 710100, Shaanxi, China; 2. School of Economics and Management, Northwest University, Xi’an 710127, Shaanxi, China
The attack graph methodology can be used to identify the potential attack paths that an attack can propagate. A risk as-sessment model based on Bayesian attack graph is presented in this paper. Firstly, attack graphs are generated by the MULVAL (Multi-host, Multistage Vulnerability Analysis) tool according to sufficient information of vulnerabilities, network configurations and host connectivity on networks. Secondly, the probabilistic attack graph is established according to the causal relationships among sophisticated multi-stage attacks by using Bayesian Net-works. The probability of successful exploits is calculated by combining index of the Common Vulnerability Scoring System, and the static security risk is assessed by applying local conditional probability distribution tables of the attribute nodes. Finally, the overall security risk in a small network scenario is assessed. Experimental results demonstrate our work can deduce attack intention and potential attack paths effectively, and provide effective guidance on how to choose the optimal security hardening strategy.
Key words:risk assessment; attack graph; Bayesian networks; prior probability
 Mell P, Scarfone K, Romanosky S. Common vulnerability scoring system [J]. IEEE Security & Privacy, 2006, 4(6): 85-89.
 Ou X, Homer J, Zhang S, et al. MulVal project at Kansas State University[EB/OL]. [2013-11-20]. http://people.cs.ksu. edu/~xou/mulval/.
 Jajodia S, Noel S. Topological Vulnerability Analysis: A Powerful New Approach for Network Attack Prevention, Detection, and Response [M]. Singapore: World Scientific Publishing Company, 2008.
 Ou X, Boyer W F, McQueen M A. A scalable approach to attack graph generation[C]// Proc 13th ACM Conference on Computer and Communications Security (CCS 2006). New York: ACM, 2006: 336-345.
 Sheyner O, Haines J, Jha S, et al. Automated generation and analysis of attack graphs[C]// Pro of the 2002 IEEE Sympo-sium on Security and Privacy(S&P). Washington D C: IEEE, 2002: 273-284.
 Xie P, Li J, Ou X, et al. Using Bayesian networks for cyber security analysis[C] // Proc 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). Washington D C: IEEE, 2010: 211-220.
 Idika N, Bhargava B. Extending attack graph-based security metrics and aggregating their application [J]. IEEE Transac-tions on Dependable and Secure Computing, 2012, 9(1): 75-85.
 Zhang S J, Song S S. A novel attack graph posterior infer-ence model based on Bayesian network [J]. Journal of In-formation Security, 2011, 2:8-27(Ch).
 Chen X J, Fang B X, Tan Q F, et al. Inferring attack intent of malicious insider based on probabilistic attack graph model [J]. Chinese Journal of Computers, 2014, 37(1):62-72(Ch).
 Barik M S, Sengupta A, Mazumdar C. Attack graph genera-tion and analysis techniques[J]. Defence Science Journal, 2016, 66(6): 559-567.
 Kaynar K, Sivrikaya F. Distributed attack graph genera-tion[J]. IEEE Transactions on Dependable & Secure Computing, 2016, 13(5):519-532.
 National Institute of Standards and Technology (NIST). National vulnerability database(NVD)[EB/OL]. [2017-03-20]. https://nvd.nist. gov/.
 The Forum of Incident Response and Security Teams (FIRST). Common vulnerability scoring system (CVSS) [EB/OL]. [2017-07-24]. https://www.first.org/cvss/.
 AT&T Labs Research. GraphViz-graph visualization soft-ware[EB/OL]. [2017-08-06]. http://www.graphviz.org/.