Abstract

An attack graph is a crucial tool for network security analysis. Traditionally, network administrators use attack graphs to generate possible attack paths and estimate the attack probability (risk) in a networked environment. However, the attack probability alone does not provide enough direction for taking security measures. Furthermore, existing approaches do not combine the attack probability with the topological influence factors of attack nodes, which also contribute to the propagation of cyberattacks. This work proposes a cyber risk assessment platform that enhances cyber situational awareness by addressing those gaps. We first present methods to compute cyber risk using the attack graph and then extract network topological influence factors (i.e., features) using graph centrality measures. Next, we apply unsupervised learning to the extracted features to find the network's highly exploitable attack points. Finally, we use graph embedding techniques to identify the objective similarity among the attack privilege nodes. We illustrate the applications of our machine learning-based cyber risk assessment platform using a SCADA (supervisory control and data acquisition) case study for cyber-physical power systems. The simulation results demonstrate that the platform provides a better understanding of cyber risk assessment and situational awareness by applying machine learning techniques to the attack graph.
