Abstract
Attack graph is a useful tool for enumerating multi-stage, multi-host attacks in organizational networks. It helps in understanding the diverse nature of threats and to decide on countermeasures which require on-the-fly implementation of custom algorithms for attack graph analysis. Existing approaches on interactive analysis of attack graph use relational database which lack data structures and operations related to graph. Graph databases enable storage of graph data and efficient querying of such data. In this paper, we present a graph data model for representing input information for attack graph generation. Also, we show how graph queries can be used to generate attack graph and facilitate its analysis.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Chen, B., Yegneswaran, V., Barford, P., Ramakrishnan, R.: Toward a Query Language for Network Attack Data. In: Proceedings of the 22nd International Conference on Data Engineering Workshops, pp. 28–28. IEEE Press, New York (2006)
Chen, F., Su, J., Zhang, Y.: A Scalable Approach to Full Attack Graphs Generation. In: Massacci, F., Redwine Jr., S.T., Zannone, N. (eds.) ESSoS 2009. LNCS, vol. 5429, pp. 150–163. Springer, Heidelberg (2009)
Idika, N., Bhargava, B.: Extending Attack Graph-Based Security Metrics and Aggregating Their Application. IEEE Transaction on Dependable and Secure Computing 9(1), 75–85 (2012)
Jajodia, S., Noel, S., O’Berry, B.: Topological Analysis of Network Attack Vul-nerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats. LNCS, pp. 247–266. Springer (2005)
Joslyn, C., Choudhury, S., Haglin, D., Howe, B., Nickless, B., Olsen, B.: Massive scale cyber traffic analysis: a driver for graph database research. In: First International Workshop on Graph Data Management Experiences and Systems, pp. 3:1–3:6. ACM, New York (2013)
Lippmann, R., Ingols, K., Scott, C., Piwowarski, K., Kratkiewicz, K., Artz, M., Cunningham, R.: Validating and restoring defense in depth using attack graphs. In: Proceedings of the IEEE Conference on Military Communications, pp. 981–990. IEEE Press, Piscataway (2006)
Neo4j Graph Database, http://www.neo4j.org/
Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 336–345. ACM, New York (2006)
Ritchey, R.W., Ammann, P.: Using model checking to analyze network vulnerabilities. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 156–165. IEEE Press, New York (2000)
Sheyner, O., Haines, J.W., Jha, S., Lippmann, R., Wing, J.M.: Automated Generation and Analysis of Attack Graphs. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 273–284. IEEE Press, New York (2002)
Vicknair, C., Macias, M., Zhao, Z., Nan, X., Chen, Y., Wilkins, D.: A comparison of a graph database and a relational database: a data provenance perspective. In: Proceedings of the 48th Annual Southeast Regional Conference, pp. 42:1–42:6. ACM, New York (2010)
Wang, L., Liu, A., Jajodia, S.: An efficient and unified approach to correlating, hypothesizing, and predicting intrusion alerts. In: Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 247–266. Springer, Heidelberg (2005)
Wang, L., Noel, S., Jajodia, S.: Minimum-cost network hardening using attack graphs. Computer Communications 29(18), 3812–3824 (2006)
Wang, L., Yao, C., Singhal, A., Jajodia, S.: Implementing interactive analysis of attack graphs using relational databases. Journal of Computer Security 16(4), 419–437 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Barik, M.S., Mazumdar, C. (2014). A Graph Data Model for Attack Graph Generation and Analysis. In: Martínez Pérez, G., Thampi, S.M., Ko, R., Shu, L. (eds) Recent Trends in Computer Networks and Distributed Systems Security. SNDS 2014. Communications in Computer and Information Science, vol 420. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54525-2_22
Download citation
DOI: https://doi.org/10.1007/978-3-642-54525-2_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-54524-5
Online ISBN: 978-3-642-54525-2
eBook Packages: Computer ScienceComputer Science (R0)