Abstract

This article presents a novel framework with a built-in, metadata-based security analysis feature. Starting from a scenario input, it produces a collection of visualizations based on the Common Attack Pattern Enumeration and Classification (CAPEC) and Common Weakness Enumeration (CWE) standards. It immediately links enterprise mitigations from the MITRE ATT&CK framework to the security flaws it discovers. It is also integrated with a third-party optimization tool aimed at cutting security costs for businesses; depending on the execution mode, the optimization can run in real time or later, using JSON output in the preferred format. All of these stages are conducted without human intervention. Adaptive metadata, with a variety of rules for capturing different sorts of known or prospective attack types, allows for the production of attack graphs. The framework can be used as a quick and practical what-if analysis tool to detect potential intrusions across a variety of network configurations and assigned access privileges. As a threat modeler, it is suitable for both novice and expert users. Because of its easy input scheme and human-readable outputs, it can also be used as an educational tool.
