Efficient generation of exploit dependency graph by customized attack modeling technique

A major challenge in today´s network is to maintain a secure interconnected world of computing where confidentiality, integrity, availability of information and resources are restored. Traditionally, security is enforced by access control and authentication. However, these security best practices do not take operating system, or network service-based vulnerabilities into account. With the evolution of sophisticated hacking tools, attackers exploit these vulnerabilities and gain legitimate access to network resources, bypassing the access control and authentication policies. Exploit dependency graph models service or application-based attacks and depicts all possible multi-host multi-step attack scenarios that an attacker can launch to penetrate into a network. An important step in the generation of exploit dependency graph is to characterize exploits in terms of a set of precondition and postcondition. Most of the reported works have generated exploit dependency graphs using proprietary vulnerability databases not available in the public domain. This work proposes a customized exploit dependency graph generation through modeling of exploits from open-source databases. Analysis of the developed algorithm shows considerable improvement in terms of time and space complexity in comparison to the reported works.