Sciweavers

VIZSEC
2007
Springer

An Interactive Attack Graph Cascade and Reachability Display

14 years 5 months ago
An Interactive Attack Graph Cascade and Reachability Display
Abstract Attack graphs for large enterprise networks improve security by revealing critical paths used by adversaries to capture network assets. Even with simplification, current attack graph displays are complex and difficult to relate to the underlying physical networks. We have developed a new interactive tool intended to provide a simplified and more intuitive understanding of key weaknesses discovered by attack graph analysis. Separate treemaps are used to display host groups in each subnet and hosts within each treemap are grouped based on reachability, attacker privilege level, and prerequisites. Users position subnets themselves to reflect their own intuitive grasp of network topology. Users can also single-step the attack graph to successively add edges that cascade to show how attackers progress through a network and learn what vulnerabilities or trust relationships allow critical steps. Finally, an integrated reachability display demonstrates how filtering devices affect hos...
Leevar Williams, Richard Lippmann, Kyle Ingols
Added 09 Jun 2010
Updated 09 Jun 2010
Type Conference
Year 2007
Where VIZSEC
Authors Leevar Williams, Richard Lippmann, Kyle Ingols
Comments (0)