Abstract:
At present, with the rapid development of computer technology and network communication technology, the network security becomes more and more serious. An attacker can often infiltrate a seemingly well-guarded network system to promulgate threats using multi-step attacks by exploiting sequences of related vulnerabilities. And fortunately, the attack graphs are able to reveal such potential threats by enumerating all possible sequences of atomic attacks. Aiming at the problems that it is difficult to generate attack graphs for large network system, a scalable approach is proposed to generate the full attack graphs based on the in-depth analysis of the models' features of the network environment and the limitation of previous algorithms. Firstly, a novel modeling language AGML (Attack Graphs Modeling Language) is proposed, which describes the attack patterns and initial scenario. Secondly, a scalable approach is put forward to generate full attack graphs through the technologies of creating index for the attributes and instantiating attack patterns. Furthermore, the algorithm has been tested on simulated networks. The experimental result shows the approach could be applied to large-scale networks.