## Managing Attack Graph Complexity through Visual Hierarchical Aggregation (2004)

Venue: In VizSEC/DMSEC ’04: Proceedings of the 2004 ACM workshop on Visualization and

Citations: 44 (4 self)

### BibTeX

@INPROCEEDINGS{Noel04managingattack,
    author = {Steven Noel},
    title = {Managing Attack Graph Complexity through Visual Hierarchical Aggregation},
    booktitle = {In VizSEC/DMSEC ’04: Proceedings of the 2004 ACM workshop on Visualization and},
    year = {2004},
    pages = {109--118},
    publisher = {ACM Press}
}

### Abstract

We describe a framework for managing network attack graph complexity through interactive visualization, which includes hierarchical aggregation of graph elements. Aggregation collapses non-overlapping subgraphs of the attack graph to single graph vertices, providing compression of attack graph complexity. Our aggregation is recursive (nested), according to a predefined aggregation hierarchy. This hierarchy establishes rules at each level of aggregation, with the rules being based on either common attribute values of attack graph elements or attack graph connectedness. The higher levels of the aggregation hierarchy correspond to higher levels of abstraction, providing progressively summarized visual overviews of the attack graph. We describe rich visual representations that capture relationships among our semantically-relevant attack graph abstractions, and our views

### Citations

199 | Automated generation and analysis of attack graphs
- Sheyner, Haines, et al.
- 2002
Citation Context ...They can be applied in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1][2]**[3]**[4][5][6][7][8][9][10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and computa...

189 | Alert Correlation in a Cooperative Intrusion Detection Framework
- Cuppens, Miège
Citation Context ...There has also been complementary work in the kind of network attack modeling needed for generating attack graphs [12][13][14]. Also, attack graphs have been generated for intrusion alert correlation **[15]**[16][17][18]. However, this work does not address attack graph usability and complexity management as we do. While various approaches have been proposed for inducing hierarchical structure on graphs, ...

117 | A graph-based system for network vulnerability analysis
- Phillips, Laura
- 1998
Citation Context ...applied in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1][2][3][4][5][6]**[7]**[8][9][10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and computational scala...

117 | A Requires/Provides Model for Computer Attacks, Workshop on New Security paradigms
- Templeton
- 2000
Citation Context ...cs, and introduce novel interactive visual representations for aggregated graphs. There has also been complementary work in the kind of network attack modeling needed for generating attack graphs [12]**[13]**[14]. Also, attack graphs have been generated for intrusion alert correlation [15][16][17][18]. However, this work does not address attack graph usability and complexity management as we do. While var...

116 | Constructing Attack Scenarios through Correlation of Intrusion Alerts
- Cui, Reeves
Citation Context ...e has also been complementary work in the kind of network attack modeling needed for generating attack graphs [12][13][14]. Also, attack graphs have been generated for intrusion alert correlation [15]**[16]**[17][18]. However, this work does not address attack graph usability and complexity management as we do. While various approaches have been proposed for inducing hierarchical structure on graphs, our ...

105 | Using model checking to analyze network vulnerabilities
- Ritchey, Ammann
- 2001
Citation Context ...e. They can be applied in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1]**[2]**[3][4][5][6][7][8][9][10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and comp...

98 | Scalable, graph-based network vulnerability analysis
- Ammann, Wijesekera, et al.
- 2002
Citation Context ...n both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1][2][3][4][5][6][7][8][9]**[10]**[11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and computational scalability. Bu...

83 | Multilevel visualization of clustered graphs
- Eades, Feng
- 1996
Citation Context ...and complexity management as we do. While various approaches have been proposed for inducing hierarchical structure on graphs, our framework is a form of so-called clustered graphs, first described in **[19]**. Actually, we apply a generalization of the original clustered graphs [20], in which it is possible to have views across multiple levels of the cluster hierarchy, as opposed to views at a single leve...

81 | LAMBDA: A Language to Model a Database for Detection of Attacks
- Cuppens, Ortalo
- 1907
Citation Context ...antics, and introduce novel interactive visual representations for aggregated graphs. There has also been complementary work in the kind of network attack modeling needed for generating attack graphs **[12]**[13][14]. Also, attack graphs have been generated for intrusion alert correlation [15][16][17][18]. However, this work does not address attack graph usability and complexity management as we do. While...

64 | Two formal analyses of attack graphs
- Jha, Sheyner, et al.
- 2002
Citation Context ...y can be applied in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1][2][3]**[4]**[5][6][7][8][9][10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and computatio...

64 | Topological analysis of network attack vulnerability
- Jajodia, Noel, et al.
- 2004
Citation Context ...ted throughout the graph, rather than being centralized. This makes it difficult to visually follow the distinct steps in the attack. An alternative attack dependency representation has been proposed **[11]** that is the dual of the one in the top of Figure 3, with security conditions being edges and exploits being vertices. That is, exploits are connected to one another via precondition/postcondition dep...

53 | Efficient minimum-cost network hardening via exploit dependency graphs
- Noel, Jajodia, et al.
- 2003
Citation Context ...h attack state space) can be generated if needed. This compact representation supports efficient forms of post analysis such as the computation of minimal cost network hardening measures described in **[23]**. But for us, what is important (other than computational scalability) is that the attack graph can be readily interpreted by humans when it is visualized. In the original formulation [10] for monoton...

52 | Computer-Attack Graph Generation Tool
- Swiler, Phillips, et al.
- 2001
Citation Context ...lied in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1][2][3][4][5][6][7]**[8]**[9][10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and computational scalabil...

46 | Model-based analysis of configuration vulnerabilities
- Ramakrishnan, Sekar
Citation Context ...onse. They can be applied in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically **[1]**[2][3][4][5][6][7][8][9][10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and c...

33 | Correlating intrusion events and building attack scenarios through attack graph distance
- Noel, Jajodia
- 2004
Citation Context ...so been complementary work in the kind of network attack modeling needed for generating attack graphs [12][13][14]. Also, attack graphs have been generated for intrusion alert correlation [15][16][17]**[18]**. However, this work does not address attack graph usability and complexity management as we do. While various approaches have been proposed for inducing hierarchical structure on graphs, our framewor...

30 | Netkuang - a multi-host configuration vulnerability checker
- Zerkle, Levitt
- 1996
Citation Context ...be applied in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1][2][3][4][5]**[6]**[7][8][9][10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and computational sc...

26 | Maintaining hierarchical graph views
- Buchsbaum, Westbrook
- 2000
Citation Context ...osed for inducing hierarchical structure on graphs, our framework is a form of so-called clustered graphs, first described in [19]. Actually, we apply a generalization of the original clustered graphs **[20]**, in which it is possible to have views across multiple levels of the cluster hierarchy, as opposed to views at a single level only. Software architecture for clustered graphs, with arbitrary numbers ...

23 | Representing TCP/IP Connectivity for Topological Analysis of Network Security
- Ritchey, Noel
- 2002
Citation Context ...and introduce novel interactive visual representations for aggregated graphs. There has also been complementary work in the kind of network attack modeling needed for generating attack graphs [12][13]**[14]**. Also, attack graphs have been generated for intrusion alert correlation [15][16][17][18]. However, this work does not address attack graph usability and complexity management as we do. While various...

16 | Modeling Network Attacks: Extending the Attack Tree
- Dawkins, Campbell, et al.
- 2002
Citation Context ...d in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1][2][3][4][5][6][7][8]**[9]**[10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and computational scalability...

13 | Building attack scenarios through integration of complementary alert correlation methods
- Ning, Xu, et al.
- 2004
Citation Context ...s also been complementary work in the kind of network attack modeling needed for generating attack graphs [12][13][14]. Also, attack graphs have been generated for intrusion alert correlation [15][16]**[17]**[18]. However, this work does not address attack graph usability and complexity management as we do. While various approaches have been proposed for inducing hierarchical structure on graphs, our fram...

7 | H.Kuang, Rule Based Security Checking
- Baldwin
- 1994
Citation Context ...an be applied in both an offensive (e.g., penetration testing) or defensive (e.g., network hardening) context. Significant progress has been made in generating attack graphs automatically [1][2][3][4]**[5]**[6][7][8][9][10][11]. Previous work to date has focused on attack graph representations and generation algorithms, the network attack modeling necessary for generating attack graphs, and computational...

5 | HGV: A library for hierarchies, graphs, and views
- Raitner
- 2002
Citation Context ..., as opposed to views at a single level only. Software architecture for clustered graphs, with arbitrary numbers of hierarchies per graph and arbitrary numbers of views per hierarchy, is described in **[21]**. Recent work in clustered graphs is represented by [22]. 3. ATTACK GRAPH REPRESENTATION In terms of feasibility for realistic networks, perhaps the most critical property for attack graph representat...

3 | Maintaining Hierarchical Graph Views for Dynamic Graphs
- Raitner
- 2004
Citation Context ...rchitecture for clustered graphs, with arbitrary numbers of hierarchies per graph and arbitrary numbers of views per hierarchy, is described in [21]. Recent work in clustered graphs is represented by **[22]**. 3. ATTACK GRAPH REPRESENTATION In terms of feasibility for realistic networks, perhaps the most critical property for attack graph representations is scalability. In early formulations, e.g. [1][2][...