Abstract

Attack graphs can be applied to analyze network security, but there are two issues, namely scalability and loop. To solve these problems, we propose a new kind of attack graph named GP-AG, which is generated based on greedy policy. The construction process of GP-AG falls into two phases, the first phase generates the main attack graph with complete greedy policy, and the second phase generates all the sub attack graphs with incomplete greedy policy, the entire attack graph is composed of the main attack graph and all the sub attack graphs. The experiment results indicate that GP-AG provide a novel solution to the problem of efficient attack graph representation and analysis with less nodes and edges and without loops generated, and can help network administrators to find the critical vulnerabilities and attack paths effectively.

Full Text

Published Version

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.