A novel approach to collaborative security using attack graph

摘要

Attacks against networks of critical sector enterprises are on the rise due to rapid advancement of information and communication technologies and its wide adoption. The task of security analysis of such networks is compounded by the fact that they are now being interconnected for improved performance. Conventional defence approaches have been mostly host centric, which are less effective in the face of multistage attacks. An attack graph makes explicit the causal relationships between different vulnerabilities. Reachability queries on attack graphs provide meaningful information to the security administrators. But for a conglomeration of large enterprise networks, the enormous size of the attack graph poses problem for its effective use. Collaborative approach to security enables a global view of attack activities by combining attack information from multiple participating sites. This paper presents a novel approach of using attack graphs for the purpose of collaborative security.