Abstract

Network administrators are always faced with numerous challenges of identifying threats and in retrospect, securing the organization’s network. The classical approach of identifying the vulnerability in the network is by using commercially developed tools that do not take into cognisance vulnerability interaction between network elements and their behavioral pattern.Therefore, network administrators have to take a hollistic methods to identify vulnerability interrelationships to be captured by an attack graph which will help in identifying all possible ways an attacker would have access to critical resources. The objective therefore is to design an attack graph–based approach for analyzing security vulnerabilities in enterprise networks, implement and evaluate performance of the approach. This work proposes an attack graph network security analyser based. The attack graph directly illustrates logical dependencies among attack goals and configuration information. In the attack graph, a node in the graph is a logical statement and an edge in the graph is represented by causality relation between network configurations and an attacker’s potential privileges. The benchmark is just a collection of Datalog tuples representing the configuration of the synthesized networks, the graph generation CPU time was compared to Sheyner attack graph toolkit. The result in the graph shows the comparison of the graph builder CPU time for the case of a fully connected network and 5 vulnerabilities per host which shows Sheyner’s tools grows exponentially.Some important contributions of this work include establishing an attack graph–based approach for enterprise networks security analysis that can capture generic security interactions and specify security relevant configuration information.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.