Cyber Security Using Bayesian Attack Path Analysis

Minz, Remish Leonard; Nagarmat, Sanjana Pai; Rakesh, Ramesh; Isobe, Yoshiaki

Home // CYBER 2018, The Third International Conference on Cyber-Technologies and Cyber-Systems // View article

Cyber Security Using Bayesian Attack Path Analysis

Authors:
Remish Leonard Minz
Sanjana Pai Nagarmat
Ramesh Rakesh
Yoshiaki Isobe

Keywords: cybersecurity; Bayesian network; attack path analysis; Weka; Py-BBN.

Abstract:
Network security has gained huge attention recently considering the rise in cyber-attacks. Attack path analysis provides a comprehensive view of the attack surface for a network infrastructure, thereby assisting decision makers to choose better network protection strategies. Other than several deterministic methods to model attack graphs, the uncertainty of attacks on the network infrastructure encourages probabilistic modeling which makes the Bayesian network a suitable model to represent the attack graph and to analyze the attack paths. Existing research focuses on representing the network topology into a Bayesian network model and using a state-of-the-art algorithm to calculate the attack path. However, practical issues concerning scalability due to Bayesian adoption largely remains unaddressed. In this paper, we provide an efficient modeling mechanism for analyzing the attack path in the network infrastructure using the Bayesian network. Our approach provides an efficient modeling of the network infrastructure, covers vulnerability identification, collection and mapping, semi-automatic attack graph creation and attack path visualization. In addition to this, we list the bottlenecks in the existing approaches for the Bayesian analysis. This paper provides an insight into the efficient modeling technique we used and addresses some limitations of the existing Bayesian libraries that were encountered during modeling. The details on how we implemented our approach and conducted attack path analysis on production level network infrastructure are covered in this paper.

Pages: 15 to 22

Copyright: Copyright (c) IARIA, 2018

Publication date: November 18, 2018

Published in: conference

ISSN: 2519-8599

ISBN: 978-1-61208-683-5

Location: Athens, Greece

Dates: from November 18, 2018 to November 22, 2018