Skip to main content

Attacker−Parametrised Attack Graphs

Alastair Janse van Rensburg‚ Jason R.C. Nurse and Michael Goldsmith


Computer network attackers chain system exploits together to achieve their goals, which range from stealing data to corrupting systems. Attack graphs represent these paths through the network, and provide the basis for calculating many security metrics. In this paper, we seek to extend graph-based analysis from the consideration of single graphs to the consideration of multiple. By performing analysis on many graphs at once, we consider the range of threats faced and avoid the downsides of several current techniques, which focus purely on known and expected attackers. In particular, we propose a novel method of generating a set of attack graphs, parametrised by attacker profiles. Our technique would enable security analysts to consider the security of their network from the perspective of many attackers simultaneously. This contrasts with existing techniques, which typically analyse attacker-independent graphs or graphs constructed around predefined attacker profiles. We analyse the resulting set of graphs first through deterministic methods and then using a probability measure.

Book Title
10th International Conference on Emerging Security Information‚ Systems and Technologies
Attack graphs; attacker profiling; intrusion detection