CVSS Attack Graphs

Author

Gallon, Laurent ; Bascou, Jean-Jacques

Author_Institution

LIUPPA, Univ. of Pau, Mont-de-Marsan, France

fYear

2011

fDate

Nov. 28 2011-Dec. 1 2011

Firstpage

Lastpage

Abstract

Attack models and attack graphs are efficient tools to describe and analyse attack scenarios aimed at computer networks. More precisely, attack graphs give all possible scenarios for an attacker to reach a certain goal, exploiting vulnerabilities of the targeted network. Nevertheless they give no information about the damages induced by these attacks, nor about the probability of exploitation of these scenarios. In this paper, we propose to combine attack graphs and CVSS framework, in order to add damage and exploitability probability information. Then, we define a notion of risk for each attack scenario, which is based on quantitative information added to attack graphs.

Keywords

computer network security; graph theory; probability; CVSS attack graphs; attack models; computer networks; exploitability probability information; targeted network vulnerabilities; Authentication; Complexity theory; Gold; Measurement; Servers; Vectors; CVSS; attack graphs; risk;

fLanguage

English

Publisher

ieee

Conference_Titel

Signal-Image Technology and Internet-Based Systems (SITIS), 2011 Seventh International Conference on

Conference_Location

Dijon

Print_ISBN

978-1-4673-0431-3

Type

conf

DOI

10.1109/SITIS.2011.24

Filename

6120625

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2893998