Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

An Attack Graph Based Probabilistic Security Metric

Published

Author(s)

Lingyu Wang, Tania Islam, Tao Long, Anoop Singhal, Sushil Jajodia

Abstract

To protect critical resources in today's networked environments, it is desirable to quantify the likelihood of potential multi-step attacks that combine multiple vulnerabilities. This now becomes feasible due to a model of causal relationships between vulnerabilities, namely, attack graph. This paper proposes an attack graph-based probabilistic metric for network security and studies its efficient computation. We first define the basic metric and provide an intuitive and meaningful interpretation to the metric. We then study the definition in more complex attack graphs with cycles and extend the definition accordingly. We show that computing the metric directly from its definition is not efficient in many cases and propose heuristics to improve the efficiency of such computation.
Proceedings Title
Data and Applications Security XXII (Lecture Notes in Computer Science)
Volume
5094
Conference Dates
July 13-16, 2008
Conference Location
London, UK
Conference Title
22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security

Keywords

graphs, network security, security metrics, vulnerability assessment

Citation

Wang, L. , Islam, T. , Long, T. , Singhal, A. and Jajodia, S. (2008), An Attack Graph Based Probabilistic Security Metric, Data and Applications Security XXII (Lecture Notes in Computer Science), London, UK, [online], https://doi.org/10.1007/978-3-540-70567-3_22 (Accessed March 28, 2024)
Created July 15, 2008, Updated October 12, 2021