Computing Optimal Attack Strategies Using Unconstrained Influence Diagrams

  • Viliam Lisý
  • Radek Píbil
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8039)

Abstract

Attack graphs are a formalism for capturing the most important ways to compromise a system. They are used for evaluating risks and designing appropriate countermeasures. Analysis of attack graphs sometimes requires computing the optimal attack strategy that minimizes the expected cost of the attacker in case of stochastically failing actions. We point out several results in AI literature that are highly relevant to this problem, but remain unnoticed by security literature. We note the problem has been shown to be NP-hard and we present how the problem can be reduced to the problem of solving an unconstrained influence diagram (UID). We use an existing UID solver to assess the scalability of the approach, showing that it can be used to optimally solve attack graphs with up to 20 attack actions.

Keywords

dependency attack graph optimal attack strategy unconstrained influence diagram 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Buldas, A., Stepanenko, R.: Upper bounds for adversaries’ utility in attack trees. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 98–117. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  2. 2.
    Sarraute, C., Richarte, G., Lucángeli Obes, J.: An algorithm to find optimal attack paths in nondeterministic scenarios. In: Proceedings of the 4th ACM Workshop on Security and Artificial Intelligence, AISec 2011, pp. 71–80. ACM, New York (2011)Google Scholar
  3. 3.
    Greiner, R., Hayward, R., Jankowska, M., Molloy, M.: Finding optimal satisficing strategies for and-or trees. Artificial Intelligence 170(1), 19–58 (2006)MathSciNetMATHCrossRefGoogle Scholar
  4. 4.
    Jensen, F.V., Vomlelová, M.: Unconstrained influence diagrams. In: Proceedings of the Eighteenth Conference on Uncertainty in Artificial Intelligence, UAI 2002, pp. 234–241. Morgan Kaufmann Publishers Inc., San Francisco (2002)Google Scholar
  5. 5.
    Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: Proceedings of the 22nd Annual Computer Security Applications Conference, ACSAC 2006, pp. 121–130. IEEE Computer Society, Washington, DC (2006)Google Scholar
  6. 6.
    Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 336–345. ACM, New York (2006)CrossRefGoogle Scholar
  7. 7.
    Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Atluri, V. (ed.) DAS 2008. LNCS, vol. 5094, pp. 283–296. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  8. 8.
    Homer, J., Ou, X., Schmidt, D.: A sound and practical approach to quantifying security risk in enterprise networks. Technical report, Kansas State University, Computing and Information Sciences Department (2009)Google Scholar
  9. 9.
    Luque, M., Nielsen, T.D., Jensen, F.V.: An anytime algorithm for evaluating unconstrained influence diagrams. In: Proc. 4th European Workshop on Probabilistic Graphical Models, pp. 177–184 (2008)Google Scholar
  10. 10.
    Isa, J., Lisy, V., Reitermanova, Z., Sykora, O.: Unconstrained influence diagram solver: Guido. In: 19th IEEE International Conference on Tools with Artificial Intelligence, ICTAI 2007, vol. 1, pp. 24–27. IEEE Computer Society (2007)Google Scholar
  11. 11.
    Iša, J., Reitermanová, Z., Sýkora, O.: On the complexity of general solution dags. In: Proceedings of the 2009 International Conference on Machine Learning and Applications, ICMLA 2009, pp. 673–678. IEEE Computer Society, Washington, DC (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Viliam Lisý
    • 1
  • Radek Píbil
    • 1
  1. 1.Agent Technology Center, Department of Computer Science and Engineering, Faculty of Electrical EngineeringCzech Technical University in PragueCzech Republic

Personalised recommendations