Skip to main content
SpringerLink
Log in

A Graph Data Model for Attack Graph Generation and Analysis

  • Conference paper
Book cover Recent Trends in Computer Networks and Distributed Systems Security (SNDS 2014)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 420))

Abstract

Attack graph is a useful tool for enumerating multi-stage, multi-host attacks in organizational networks. It helps in understanding the diverse nature of threats and to decide on countermeasures which require on-the-fly implementation of custom algorithms for attack graph analysis. Existing approaches on interactive analysis of attack graph use relational database which lack data structures and operations related to graph. Graph databases enable storage of graph data and efficient querying of such data. In this paper, we present a graph data model for representing input information for attack graph generation. Also, we show how graph queries can be used to generate attack graph and facilitate its analysis.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Chen, B., Yegneswaran, V., Barford, P., Ramakrishnan, R.: Toward a Query Language for Network Attack Data. In: Proceedings of the 22nd International Conference on Data Engineering Workshops, pp. 28–28. IEEE Press, New York (2006)

    Google Scholar 

  2. Chen, F., Su, J., Zhang, Y.: A Scalable Approach to Full Attack Graphs Generation. In: Massacci, F., Redwine Jr., S.T., Zannone, N. (eds.) ESSoS 2009. LNCS, vol. 5429, pp. 150–163. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  3. Idika, N., Bhargava, B.: Extending Attack Graph-Based Security Metrics and Aggregating Their Application. IEEE Transaction on Dependable and Secure Computing 9(1), 75–85 (2012)

    Article  Google Scholar 

  4. Jajodia, S., Noel, S., O’Berry, B.: Topological Analysis of Network Attack Vul-nerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats. LNCS, pp. 247–266. Springer (2005)

    Google Scholar 

  5. Joslyn, C., Choudhury, S., Haglin, D., Howe, B., Nickless, B., Olsen, B.: Massive scale cyber traffic analysis: a driver for graph database research. In: First International Workshop on Graph Data Management Experiences and Systems, pp. 3:1–3:6. ACM, New York (2013)

    Google Scholar 

  6. Lippmann, R., Ingols, K., Scott, C., Piwowarski, K., Kratkiewicz, K., Artz, M., Cunningham, R.: Validating and restoring defense in depth using attack graphs. In: Proceedings of the IEEE Conference on Military Communications, pp. 981–990. IEEE Press, Piscataway (2006)

    Google Scholar 

  7. Neo4j Graph Database, http://www.neo4j.org/

  8. Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 336–345. ACM, New York (2006)

    Chapter  Google Scholar 

  9. Ritchey, R.W., Ammann, P.: Using model checking to analyze network vulnerabilities. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 156–165. IEEE Press, New York (2000)

    Google Scholar 

  10. Sheyner, O., Haines, J.W., Jha, S., Lippmann, R., Wing, J.M.: Automated Generation and Analysis of Attack Graphs. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 273–284. IEEE Press, New York (2002)

    Google Scholar 

  11. Vicknair, C., Macias, M., Zhao, Z., Nan, X., Chen, Y., Wilkins, D.: A comparison of a graph database and a relational database: a data provenance perspective. In: Proceedings of the 48th Annual Southeast Regional Conference, pp. 42:1–42:6. ACM, New York (2010)

    Google Scholar 

  12. Wang, L., Liu, A., Jajodia, S.: An efficient and unified approach to correlating, hypothesizing, and predicting intrusion alerts. In: Vimercati, S.C., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 247–266. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  13. Wang, L., Noel, S., Jajodia, S.: Minimum-cost network hardening using attack graphs. Computer Communications 29(18), 3812–3824 (2006)

    Article  Google Scholar 

  14. Wang, L., Yao, C., Singhal, A., Jajodia, S.: Implementing interactive analysis of attack graphs using relational databases. Journal of Computer Security 16(4), 419–437 (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Comp. Sc. and Engg., Jadavpur University, Kolkata, India

    Mridul Sankar Barik & Chandan Mazumdar

Authors
  1. Mridul Sankar Barik
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chandan Mazumdar
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Facultad de Informatica, Campus de Espinardo, s/n, 30., 100, Murcia, Spain

    Gregorio Martínez Pérez

  2. Indian Institute of Information Technology and Management, Technopark Campus, 695581, Trivandrum, Kerala, India

    Sabu M. Thampi

  3. Faculty of Computing and Mathematical Sciences, The University of Waikato, Waikato Mail Centre, Private Bag 3105, Hamilton, New Zealand

    Ryan Ko

  4. Guangdong University of Petrochemical Technology, P.R. China

    Lei Shu

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Barik, M.S., Mazumdar, C. (2014). A Graph Data Model for Attack Graph Generation and Analysis. In: Martínez Pérez, G., Thampi, S.M., Ko, R., Shu, L. (eds) Recent Trends in Computer Networks and Distributed Systems Security. SNDS 2014. Communications in Computer and Information Science, vol 420. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54525-2_22

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-54525-2_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-54524-5

  • Online ISBN: 978-3-642-54525-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation