Overview on attack graph generation and visualization technology

Shengwei Yi*, Yong Peng, Qi Xiong, Ting Wang, Zhonghua Dai, Haihui Gao, Junfeng Xu, Jiteng Wang, Lijuan Xu

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

41 Citations (Scopus)

Abstract

Network vulnerability can be analyzed automatically by attack graph. Attack graph tools can generate attack paths in network and show users the network vulnerabilities analyzing process for network security risk analysis. There are some problems such as state space explosion, the high complexity of algorithms, being difficult to demonstrate graphically, and so on, for attack graph generation and visualization techniques. Therefore, we surveyed and analyzed the attack graph generation and visualization technology. We summarized the open source tools like MulVAL, TVA. Attack Graph Toolkit, NetSPA and so on, and the commercial tools, for example, Cauldron, FireMon, Skybox View. We compared and analyzed these tools from the aspects of the attack graph types, scalability, or complexity of attack graph generation algorithm, the degree of attack graph visualization. Their common denominator was summarized, and their different points were analyzed. The future and applications for attack graph were forecasted, for example its applications in industrial control systems, and in the network security defense and risk assessment.

Original languageEnglish
Title of host publication2013 IEEE International Conference on Anti-Counterfeiting, Security and Identification, ASID 2013
PublisherIEEE Computer Society
ISBN (Print)9781479911110
DOIs
Publication statusPublished - 2013
Externally publishedYes
Event2013 IEEE International Conference on Anti-Counterfeiting, Security and Identification, ASID 2013 - Shanghai, China
Duration: 25 Oct 201327 Oct 2013

Publication series

NameProceedings of the International Conference on Anti-Counterfeiting, Security and Identification, ASID
ISSN (Print)2163-5048
ISSN (Electronic)2163-5056

Conference

Conference2013 IEEE International Conference on Anti-Counterfeiting, Security and Identification, ASID 2013
Country/TerritoryChina
CityShanghai
Period25/10/1327/10/13

Keywords

  • Attack Graph
  • Attack Paths
  • Network Vulnerability Analysis
  • Visualization

Fingerprint

Dive into the research topics of 'Overview on attack graph generation and visualization technology'. Together they form a unique fingerprint.

Cite this