Abstract
Nowadays, Information and Communication Technologies (ICT) play a significant role in our modern daily life. Computer networks breakdown can strongly impact everything in our life such as personal data, industrials, banks, oil pipelines, hospitals, nuclear reactors, military platforms, etc. Assessing their security is a necessity to reduce the risk of compromise by an attacker. Nevertheless, the actual solutions are rarely adapted to the high complexity of modern computer systems. They often rely on too much human work and the used algorithms do not scale well. Furthermore, the evolution of the system over time is rarely modeled and is therefore not considered in the evaluation of its security. This paper proposes a dynamic attack graph generation method allowing to model attack paths by considering the evolution of the system over time. We compute the probabilities of compromise of the system components by simulating several cyberattacks from the previously constructed dynamic attack graph. We tested our solution on a use case of several thousand of machines. The measured results demonstrate its ability to assess the threat in complex systems caused by combining exploitation of successive vulnerabilities.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.