Abstract
This paper describes a software system that provides significant new capabilities for visualization and analysis of network attack graphs produced through Topological Vulnerability Analysis (TVA). The TVA approach draws on a database of known exploits and system vulnerabilities to provide a connected graph representing possible cyber-attack paths within a given network. Our visualization approach builds on the extensive functionality of the yWorks suite of graphing tools, providing customized new capabilities for importing, displaying, and interacting with large scale attack graphs, to facilitate comprehensive network security analysis. These visualization capabilities include clustering of attack graph elements for reducing visual complexity, a hierarchical dictionary of attack graph elements, high-level overview with detail drilldown, interactive on-graph hardening of attacker exploits, and interactive graph layouts. This new visualization system is an integrated component of the CAULDRON attack graph tool developed at George Mason University.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Jajodia, S., Noel, S.: Topological Vulnerability Analysis: A Powerful New Approach for Network Attack Prevention, Detection, and Response. Indian Statistical Institute Monograph Series. World Scientific Press, Singapore (2008)
yWorks – The Diagramming Company, http://www.yworks.com/en/index.html
Noel, S., Jajodia, S.: Managing Attack Graph Complexity through Visual Hierarchical Aggregation. In: Workshop on Visualization and Data Mining for Computer Security (2004)
Wang, L., Noel, S., Jajodia, S.: Minimum-Cost Network Hardening Using Attack Graphs. Computer Communications 29(18), 3812–3824 (2006)
Phillips, C., Swiler, L.: A Graph-Based System for Network-Vulnerability Analysis. In: New Security Paradigms Workshop (1998)
Ritchey, R., Ammann, P.: Using Model Checking to Analyze Network Vulnerabilities. In: IEEE Symposium on Security and Privacy (2000)
Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated Generation and Analysis of Attack Graphs. In: Proceedings of the IEEE Symposium on Security and Privacy (2002)
Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, Graph-Based Network Vulnerability Analysis. In: 9th ACM Conference on Computer and Communications Security (2002)
Wang, L., Yao, C., Singhal, A., Jajodia, S.: Interactive Analysis of Attack Graphs Using Relational Queries. In: Data and Applications Security XX (2006)
Ou, X., Boyer, W., McQueen, M.: A Scalable Approach to Attack Graph Generation. In: 13th ACM Conference on Computer and Communications Security (2006)
Williams, L., Lippmann, R., Ingols, K.: An Interactive Attack Graph Cascade and Reachability Display. In: Workshop on Visualization for Computer Security (2007)
Skybox Security, http://www.skyboxsecurity.com/
RedSeal Systems, http://www.redseal.net/
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
O’Hare, S., Noel, S., Prole, K. (2008). A Graph-Theoretic Visualization Approach to Network Risk Analysis. In: Goodall, J.R., Conti, G., Ma, KL. (eds) Visualization for Computer Security. VizSec 2008. Lecture Notes in Computer Science, vol 5210. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85933-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-540-85933-8_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85931-4
Online ISBN: 978-3-540-85933-8
eBook Packages: Computer ScienceComputer Science (R0)