Attack Graph-Based Risk Assessment and Optimisation Approach

Mohammed Alhomidi, Martin Reed
2014 International journal of network security and its applications  
Attack graphs are models that offer significant capabilities to analyse security in network systems. An attack graph allows the representation of vulnerabilities, exploits and conditions for each attack in a single unifying model. This paper proposes a methodology to explore the graph using a genetic algorithm (GA). Each attack path is considered as an independent attack scenario from the source of attack to the target. Many such paths form the individuals in the evolutionary GA solution. The
more » ... pulation-based strategy of a GA provides a natural way of exploring a large number of possible attack paths to find the paths that are most important. Thus unlike many other optimisation solutions a range of solutions can be presented to a user of the methodology.
doi:10.5121/ijnsa.2014.6303 fatcat:ly3dtd2h6ncitnlyzkw7kzncsy