Among the existing attack models, Attack Graphs (AGs) represent a powerful abstraction to capture the notion of multi step attacks i.e., ensembles of sequential vulnerability exploits taken by an attacker with a specific objective. A well-known issue in using AGs is their poor scalability due to the complexity of generating and analyzing all existing attack paths. To this aim, we propose a workflow for a more efficient generation of attack paths in a distributed and resilient manner. We describe the general workflow, emphasizing the research challenges and providing few preliminary solutions.

A workflow for distributed and resilient Attack Graph generation / Palma, Alessandro; Bonomi, Silvia. - (2023), pp. 185-187. (Intervento presentato al convegno 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks tenutosi a Porto, Portugal) [10.1109/DSN-S58398.2023.00050].

A workflow for distributed and resilient Attack Graph generation

Alessandro Palma
;
Silvia Bonomi
2023

Abstract

Among the existing attack models, Attack Graphs (AGs) represent a powerful abstraction to capture the notion of multi step attacks i.e., ensembles of sequential vulnerability exploits taken by an attacker with a specific objective. A well-known issue in using AGs is their poor scalability due to the complexity of generating and analyzing all existing attack paths. To this aim, we propose a workflow for a more efficient generation of attack paths in a distributed and resilient manner. We describe the general workflow, emphasizing the research challenges and providing few preliminary solutions.
2023
53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks
Attack Graph; Distributed Computing; Cybersecurity
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
A workflow for distributed and resilient Attack Graph generation / Palma, Alessandro; Bonomi, Silvia. - (2023), pp. 185-187. (Intervento presentato al convegno 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks tenutosi a Porto, Portugal) [10.1109/DSN-S58398.2023.00050].
File allegati a questo prodotto
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1687558
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 0
social impact