
Analysis of Attack Graph Representations for Ranking Vulnerability Fixes

14 pages. Published: September 17, 2018


Software vulnerabilities in organizational computer networks can be leveraged by an attacker to gain access to sensitive information. As fixing all vulnerabilities requires much effort, it is critical to rank the possible fixes by their importance. Centrality measures over logical attack graphs, or over the network connectivity graph, often provide a scalable method for finding the most critical vulnerabilities.
In this paper we suggest an analysis of the planning graph, originating in classical planning, as an alternative to the logical attack graph, to improve the ranking produced by centrality measures. The planning graph also allows us to enumerate the set of possible attack plans and hence to count directly the number of attacks that use a given vulnerability. We evaluate a set of centrality-based ranking measures over the logical attack graph and the planning graph, showing that metrics computed over the planning graph shrink the set of shortest attack plans more rapidly.
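As an added illustration of the ranking idea in the abstract (not code from the paper, which works on full logical attack graphs and planning graphs), the Python below reduces an attack graph to privilege nodes joined by exploit edges labelled with a vulnerability id, enumerates attack plans by path search, and compares a degree-centrality ranking with a ranking by the number of shortest plans that use each vulnerability. The network topology and vulnerability ids are constructed for the example.

```python
from collections import Counter

# Constructed toy attack graph, not taken from the paper: nodes are privileges
# the attacker can hold, edges are exploits labelled by the vulnerability used.
EXPLOITS = [  # (privilege required, privilege gained, vulnerability id)
    ("internet", "web", "v1"),
    ("internet", "mail", "v2"),
    ("web", "db", "v3"),
    ("mail", "db", "v3"),
    ("web", "app", "v4"),
    ("mail", "app", "v4"),
    ("app", "fileserver", "v4"),
    ("app", "db", "v5"),
]

def attack_plans(exploits, start="internet", goal="db"):
    """Enumerate every simple attack path from start to goal as a tuple of vuln ids."""
    succ = {}
    for src, dst, vuln in exploits:
        succ.setdefault(src, []).append((dst, vuln))
    plans = []
    def walk(node, visited, used):
        if node == goal:
            plans.append(tuple(used))
            return
        for dst, vuln in succ.get(node, []):
            if dst not in visited:  # simple paths only: never revisit a privilege
                walk(dst, visited | {dst}, used + [vuln])
    walk(start, {start}, [])
    return plans

def shortest_plans(plans):
    """The attacker's cheapest options: plans of minimal length."""
    k = min((len(p) for p in plans), default=0)
    return [p for p in plans if len(p) == k]

def rank_by_plan_count(exploits):
    """Planning-graph style: rank vulns by how many shortest plans use them."""
    c = Counter(v for p in shortest_plans(attack_plans(exploits)) for v in set(p))
    return sorted(c, key=lambda v: (-c[v], v))

def rank_by_degree(exploits):
    """Centrality baseline: rank vulns by how many exploit edges they label."""
    c = Counter(v for _, _, v in exploits)
    return sorted(c, key=lambda v: (-c[v], v))

def surviving_shortest(exploits, fixed):
    """How many of the current shortest plans remain once `fixed` vulns are patched."""
    return sum(1 for p in shortest_plans(attack_plans(exploits)) if not set(p) & set(fixed))
```

On this graph degree centrality ranks v4 first while plan counting ranks v3 first; surviving_shortest shows that fixing v4 leaves both shortest plans intact, whereas fixing v3 removes all of them.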

Keyphrases: attack graph, Automated Planning, Cyber Security, Pentesting, planning graph

In: Daniel Lee, Alexander Steen and Toby Walsh (editors). GCAI-2018. 4th Global Conference on Artificial Intelligence, vol 55, pages 215--228

BibTeX entry
  author    = {Tom Gonda and Tal Pascal and Rami Puzis and Guy Shani and Bracha Shapira},
  title     = {Analysis of Attack Graph Representations for Ranking Vulnerability Fixes},
  booktitle = {GCAI-2018. 4th Global Conference on Artificial Intelligence},
  editor    = {Daniel Lee and Alexander Steen and Toby Walsh},
  series    = {EPiC Series in Computing},
  volume    = {55},
  pages     = {215--228},
  year      = {2018},
  publisher = {EasyChair},
  bibsource = {EasyChair},
  issn      = {2398-7340},
  url       = {},
  doi       = {10.29007/2c1q}}