By Topic

Partial cuts in attack graphs for cost effective network defence

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

The purchase and pricing options are temporarily unavailable. Please try again later.
2 Author(s)
Sawilla, R. ; Defence R&D Canada, Ottawa, ON, Canada ; Skillicorn, D.

Because of increasing vulnerabilities, maturing attack tools, and increasing dependence on computer network infrastructure, tools to support network defenders are essential. Course-of-action recommendation research has often assumed a goal of perfect network security. In reality, network administrators balance security with usability and so tolerate vulnerabilities and imperfect security. We provide realistic course-of-action decision support for network administrators by minimizing connectivity in attack graphs, by optimizing network configuration changes to separate defence goals from attackers as much as possible, even when complete security is impractical. We introduce vertex closures and closure-relation graphs in AND/OR digraphs as the underlying framework. Computing an optimal course-of-action is NP-hard but we design a polynomial-time greedy algorithm that almost always produces an optimal solution.

Published in:

Homeland Security (HST), 2012 IEEE Conference on Technologies for

Date of Conference:

13-15 Nov. 2012