Skip to main content

Attacker-Parametrised Attack Graphs

van Rensburg, Alastair Janse, Nurse, Jason R. C., Goldsmith, Michael (2016) Attacker-Parametrised Attack Graphs. In: The Tenth International Conference on Emerging Security Information, Systems and Technologies, July 24th-28th 2016, France Nice. (KAR id:67490)

PDF Publisher pdf
Language: English
Download (164kB) Preview


Computer network attackers chain system exploits together to achieve their goals, which range from stealing data to corrupting systems. Attack graphs represent these paths through the network, and provide the basis for calculating many security metrics. In this paper, we seek to extend graph-based analysis from the consideration of single graphs to the consideration of multiple. By performing analysis on many graphs at once, we consider the range of threats faced and avoid the downsides of several current techniques, which focus purely on known and expected attackers. In particular, we propose a novel method of generating a set of attack graphs, parametrised by attacker profiles. Our technique would enable security analysts to consider the security of their network from the perspective of many attackers simultaneously. This contrasts with existing techniques, which typically analyse attacker-independent graphs or graphs constructed around predefined attacker profiles. We analyse the resulting set of graphs first through deterministic methods and then using a probability measure.

Item Type: Conference or workshop item (Paper)
Uncontrolled keywords: Attack graphs; attacker profiling; intrusion detection
Subjects: Q Science
T Technology
Divisions: Faculties > Sciences > School of Computing > Security Group
Depositing User: Jason Nurse
Date Deposited: 03 Jul 2018 13:17 UTC
Last Modified: 13 Jan 2020 13:53 UTC
Resource URI: (The current URI for this page, for reference purposes)
Nurse, Jason R. C.:
  • Depositors only (login required):


Downloads per month over past year