Title: Empirical risk assessment of attack graphs using time to compromise framework

Authors: Urvashi Garg; Geeta Sikka; Lalit K. Awasthi

Addresses: Department of Computer Science and Engineering, Dr. B.R. Ambedkar National Institute of Technology, Jalandhar, Punjab, India ' Department of Computer Science and Engineering, Dr. B.R. Ambedkar National Institute of Technology, Jalandhar, Punjab, India ' Dr. B.R. Ambedkar National Institute of Technology, Jalandhar, Punjab, India

Abstract: The proliferated complexity of network size together with the expeditious development of software system applications and their large number of vulnerabilities, security hardening is becoming a challenge for security specialists. Operating systems and applications need to be updated on time to ensure the security of the system, but it is neither feasible nor possible to remove every single vulnerability on a system. In this research work, time-based analysis strategy has been proposed to prioritise the machines in terms of their risk factor so as to handle riskier one first. In this regard, a real-time network has been analysed and observed for vulnerabilities present on various systems/machines/hosts in the network and attack graph is generated. Further, the proposed technique was applied on attack nodes (hosts) to find the approximate time to exploit the systems which can be further used to prioritise hosts and attack paths according to their risk of being exploited. Additionally, the proposed methodology can be advantageous in a finding minimal set of machines that needs attention to ensure complete network security. To the best of authors' knowledge, this is the first time that attack paths have been analysed and prioritised using the time to compromise scheme.

Keywords: attack graph analysis; attack path time; vulnerability analysis; time to compromise model; computer security; information security; security control measures; security policy; risk management; security analysis.

DOI: 10.1504/IJICS.2021.117393

International Journal of Information and Computer Security, 2021 Vol.16 No.1/2, pp.33 - 50

Received: 23 Feb 2018
Accepted: 13 Sep 2018

Published online: 27 Aug 2021 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article