Abstract

Network security assessment is vital for improving an organization's overall security posture. With diverse options for deploying and configuring networking devices, varying software application portfolios, and the increased flexibility of using numerous applications, today's computer networks are subject to continuous evolution. As these networks grow in size and complexity, information is exposed to a wider threat landscape and the attack surface varies. The network attack surface comprises exploitable technical vulnerabilities, software/hardware misconfigurations (i.e., configuration gaps), vulnerable service connectivities, and service-cum-user privileges. An adversary may exploit the network attack surface to penetrate the enterprise network incrementally. The discovery of new vulnerabilities and vague access control rules can trigger further variation in the attack surface. Hence, it is essential to consider the temporal aspect of network security. An attack graph, a graphical network security modeling tool, succinctly captures the attack surface of a vulnerable network in the form of the initial security conditions that an adversary needs for successful incremental network penetration. Existing attack graph-based metrics are inadequate for capturing the variation in the attack surface. We propose to use a Boolean similarity metric to assess the similarity between the goal-oriented attack graphs generated successively for an enterprise network within the chosen sampling interval. To this end, we represent each attack graph as a Boolean expression. This Boolean expression is a sum-of-products expression, i.e., a disjunction of attack paths, each a conjunction of initial conditions. We have conducted a set of experiments to validate the efficacy and applicability of the Boolean similarity metric. The results indicate that the Boolean similarity measure can detect the variation in the network attack surface.
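The sum-of-products representation described above can be sketched as follows. This is an added illustration, not code from the paper. The abstract does not define the metric, so the measure used here (the fraction of truth assignments over the initial conditions on which two expressions agree) is an assumption, and the condition names and snapshots are constructed.

```python
from itertools import product

def evaluate(dnf, held):
    """A sum-of-products expression is true when every initial condition
    of at least one attack path is present in `held`."""
    return any(path <= held for path in dnf)

def boolean_similarity(dnf_a, dnf_b):
    """Assumed measure: share of truth assignments on which both
    expressions take the same value. Enumeration is exponential in the
    number of initial conditions, so this suits small graphs only."""
    variables = sorted(set().union(*dnf_a, *dnf_b))
    agree = 0
    for bits in product([False, True], repeat=len(variables)):
        held = {v for v, bit in zip(variables, bits) if bit}
        if evaluate(dnf_a, held) == evaluate(dnf_b, held):
            agree += 1
    return agree / 2 ** len(variables)

# Constructed snapshots of one network's goal-oriented attack graph.
# Each frozenset is one attack path (a conjunction of initial conditions).
T0 = [frozenset({"ssh_reachable", "weak_credentials"}),
      frozenset({"web_service_vuln"})]

# Next sampling instant: a newly reported vulnerability adds a path.
T1 = T0 + [frozenset({"ftp_service_vuln"})]

# Same attack surface as T0, written with a redundant path that the
# web_service_vuln path already absorbs.
T0_REDUNDANT = T0 + [frozenset({"web_service_vuln", "ssh_reachable"})]

if __name__ == "__main__":
    print("T0 vs T0:          ", boolean_similarity(T0, T0))
    print("T0 vs T0_REDUNDANT:", boolean_similarity(T0, T0_REDUNDANT))
    print("T0 vs T1:          ", boolean_similarity(T0, T1))
```

Because the comparison is on truth values rather than on path lists, the redundant path leaves the score at 1.0, while the genuinely new path lowers it.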
