Identification of Attack Paths Using Kill Chain and Attack Graphs

06/21/2022
by Lukáš Sadlek, et al.

The ever-evolving capabilities of cyber attackers force security administrators to focus on the early identification of emerging threats. Targeted cyber attacks usually consist of several phases, from initial reconnaissance of the network environment to final impact on objectives. This paper investigates the identification of multi-step cyber threat scenarios using kill chains and attack graphs. Kill chains and attack graphs are threat modeling concepts that help determine weak points in security defenses. We propose a novel kill chain attack graph that merges the kill chain and attack graphs. This approach determines possible chains of an attacker's actions and their materialization within the protected network. The graph generation uses a categorization of threats according to the security properties they violate. The graph allows the administrator to determine which kill chain phase to focus on and which countermeasures apply to mitigate possible cyber threats. We implemented the proposed approach for a predefined range of cyber threats, especially vulnerability exploitation and network threats. The approach was validated on a real-world use case. The publicly available implementation contains a proof-of-concept kill chain attack graph generator.


