A Scalable Approach to Full Attack Graphs Generation

  • Feng Chen
  • Jinshu Su
  • Yi Zhang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5429)


Attack graphs are valuable vulnerability analysis tools for network defenders and may be classified into two kinds by application. Partial attack graphs illustrate the potential interrelations among only those known vulnerabilities related to a given attack goal in the targeted network, whereas full attack graphs evaluate the potential interrelations among all the known vulnerabilities in the targeted network. Previous approaches to generating full attack graphs suffer from two issues: one is an effective modeling language for full attack graph generation, and the other is scalability to large enterprise networks. In this paper, we first present a novel conceptual model for full attack graph generation that introduces attack patterns, simplifying the process of modeling the attacker. Second, a formal modeling language, VAML, is proposed to describe the various elements in the conceptual model. Third, based on VAML, a scalable approach to generating full attack graphs is put forward. The prototype system CAVS has been tested on an operational network with over 150 hosts. We have explored the system’s scalability by evaluating simulated networks with up to one thousand hosts and various topologies. The experimental results show that the approach could be applied to large networks.


Keywords: Vulnerability, full attack graph, scalable, modeling language





Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Feng Chen (1)
  • Jinshu Su (1)
  • Yi Zhang (1)
  1. School of Computer, National University of Defense Technology, Changsha, China
