Attack prediction to enhance attack path discovery using improved attack graph

Al-Araji, Zaid Jasim and Abdullah, Raihana Syahirah and Syed Ahmad, Sharifah Sakinah (2022) Attack prediction to enhance attack path discovery using improved attack graph. Karbala International Journal of Modern Science, 8 (3). pp. 313-329. ISSN 2405-609X

Abstract

Organizations and governments constantly face potential security attacks. The need for next-generation cyber defense has become even more urgent now that the attack surfaces that hackers can exploit have grown at an alarming rate with the increase in the number of devices connected to the Internet. Next-generation cyber defense that relies on predictive analysis is more proactive than existing technologies that rely on intrusion detection. Many approaches to detecting and predicting attacks have been proposed in recent times. One such approach is attack graphs. The primary purpose of an attack graph is to predict not only an attack but also its next steps within a network. More specifically, an attack graph depicts the paths that an attacker may employ to circumvent network policies by exploiting interdependencies between the vulnerabilities. However, extant attack graphs are plagued with a few issues. Scalability is one of the main issues that attack graph generation faces. This is because an increase in the number of devices used increases the number of vulnerabilities within a network. This, in turn, increases the complexity as well as the amount of time required to generate an attack graph. At present, existing studies that have used attack graphs to predict the subsequent steps during an attack have manually assigned the attack location for attack graph analysis. To overcome this limitation, the present study recommends the use of intelligent agents to reduce reachability time by calculating between the nodes, as well as using the A*prune algorithm to remove useless edges and reduce attack graph complexity. For the attack graph analysis, the random forest algorithm was used to detect, predict, and dynamically ascertain the attack location in the network. The results of the attack graph generation experiment revealed that the A*prune attack graph produced better results than existing attack graphs.

Item Type: Article
Uncontrolled Keywords: Attack graph, Attack path, A* prune algorithm, Attack path discovery, Attack graph analysis
Divisions: Faculty of Information and Communication Technology
Depositing User: Sabariah Ismail
Date Deposited: 02 Mar 2023 12:14
Last Modified: 02 Mar 2023 12:14
URI: http://eprints.utem.edu.my/id/eprint/26230