Performance analysis of automated attack graph generation software
Cullum, James J.
MetadataShow full item record
The current generation of network vulnerability detection software uses databases of known vulnerabilities and scans target networks for these weaknesses. The results can be voluminous and difficult to assess. Thus, the success of this technology has created a need for software to aid in network vulnerability analysis. Although research has shown the effectiveness of automated attack graph generation tools in displaying potential attack paths in a network, research involving the performance of these tools has been limited. Using empirical testing, we have collected quantitative data using CAULDRON, an attack graph generation tool developed at George Mason University, on a collection of simulated networks. By defining our model to include sets of nodes, which allow connectivity from all nodes to all nodes in the set; the number of nodes present in each set, the number of connections between sets; and the number of vulnerabilities per node as our variables, we are able to observe the performance impact on CAULDRON of connectivity and the increased presence of vulnerabilities in our networks. The effect of these variables on processing time and memory usage is presented and can be used as a metric to assess the scalability of this tool within various customer environments.
Showing items related by title, author, creator and subject.
Performance Impact of Connectivity Restrictions and Increased Vulnerability Presence on Automated Attack Graph Generation Cullum, James; Irvine, Cynthia E.; Levin, Tim (International Conference on Warfare and Security (ICIW) Naval Postgraduate School , Monterey, California, USA 8-9 March 2007 pp.33-46, 2007-03-00);The current generation of network vulnerability detection software uses databases of known vulnerabilities and scans target networks for these weaknesses. The results can be voluminous and difficult to assess. Thus, the ...
Torner, Linus P. (Monterey, California: Naval Postgraduate School, 2015-09);Several recent terrorist attacks in Western countries have highlighted the need for strategies to disrupt dark networks, and social network analysis (SNA) has proven to be a useful tool for analyzing network structure and ...
Duong, Binh T. (Monterey, California. Naval Postgraduate School, 2006-03);Honeypots are computer systems deliberately designed to be attack targets, mainly to learn about cyber-attacks and attacker behavior. When implemented as part of a security posture, honeypots also protect real networks by ...