Title :
Partial cuts in attack graphs for cost effective network defence
Author :
Sawilla, R. ; Skillicorn, D.
Author_Institution :
Defence R&D Canada, Ottawa, ON, Canada
Abstract :
Because of increasing vulnerabilities, maturing attack tools, and increasing dependence on computer network infrastructure, tools to support network defenders are essential. Course-of-action recommendation research has often assumed a goal of perfect network security. In reality, network administrators balance security with usability and so tolerate vulnerabilities and imperfect security. We provide realistic course-of-action decision support for network administrators by minimizing connectivity in attack graphs, by optimizing network configuration changes to separate defence goals from attackers as much as possible, even when complete security is impractical. We introduce vertex closures and closure-relation graphs in AND/OR digraphs as the underlying framework. Computing an optimal course-of-action is NP-hard but we design a polynomial-time greedy algorithm that almost always produces an optimal solution.
Keywords :
computational complexity; computer network security; directed graphs; greedy algorithms; optimisation; AND/OR digraphs; NP-hard problem; attack graphs; closure-relation graphs; computer network infrastructure; cost effective network defence; course-of-action recommendation research; network defenders; network security; partial cuts; polynomial-time greedy algorithm; vertex closures; Algorithm design and analysis; Communities; Complexity theory; Force; Security; Software; Vectors; attack analytic tools; cyber security; decision support systems
Conference_Title :
Homeland Security (HST), 2012 IEEE Conference on Technologies for
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4673-2708-4
DOI :
10.1109/THS.2012.6459864