Journal: Journal of Information Security Research

Security Countermeasures Selection Using Attack Graphs


Abstract

Enterprise organizations expend significant resources on security countermeasures to make sure that their networks are protected. Risk analysis is one area of information security research that aims to help organizations make quick decisions and prevent attackers from compromising their networks. Here we use attack graphs both to display possible attack vectors in simple systems and as an analysis tool for more complex systems. This can be used within a risk analysis strategy. System administrators face constant challenges when they have to decide what countermeasures they must deploy, taking into account the minimum budget to deploy a set of countermeasures. The attack graph approach used here aims to minimize the cost of deploying countermeasures. Specifically, we develop an approach to find the minimum cut set in dependency attack graphs using a genetic algorithm (GA). We also combine the GA with a local search algorithm to improve the performance of the GA. The minimum cut set is a natural graph representation describing a set of security countermeasures that prevent attackers from reaching their targets. More importantly, this work considers shared security countermeasures that are deployed in more than one place in the attack graph. Therefore, there may be one security countermeasure that can fix multiple vulnerabilities. Alternatively, there may be a vulnerability or an exploit in the attack graph that can be stopped by one of multiple countermeasures. The work shows that the problem maps naturally to a binary encoded GA and gives good results without the need to deploy problem-specific GA operators.
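The idea in the abstract, as an added sketch that is not the paper's code: one bit per countermeasure, fitness equal to deployment cost plus a penalty while the target is still reachable, and a drop-redundant local search applied to feasible children. The graph, the costs, the penalty scheme, the GA parameters and all names are assumptions constructed for illustration.

```python
import random

# Constructed AND/OR attack graph (assumption): an exploit fires when ALL preconditions hold.
EXPLOITS = {
    "e1": ({"net_access"}, "user_web"), "e2": ({"net_access"}, "user_mail"),
    "e3": ({"user_web"}, "root_db"), "e4": ({"user_mail"}, "root_db"),
    "e5": ({"user_web", "user_mail"}, "root_db"),
}
INITIAL, GOAL = {"net_access"}, "root_db"
# Shared countermeasures as (cost, exploits stopped); coverage overlaps on purpose.
CMS = [(5, {"e1"}), (4, {"e2"}), (3, {"e3", "e5"}), (3, {"e4", "e5"}),
       (7, {"e3", "e4", "e5"}), (8, {"e1", "e2"})]
PENALTY = sum(c for c, _ in CMS) + 1  # any infeasible set scores worse than any feasible one

def goal_reachable(bits):
    blocked = set().union(*(CMS[i][1] for i, b in enumerate(bits) if b))
    have, changed = set(INITIAL), True
    while changed:  # forward-chain until no new condition is gained
        changed = False
        for name, (pre, post) in EXPLOITS.items():
            if name not in blocked and pre <= have and post not in have:
                have.add(post)
                changed = True
    return GOAL in have

def fitness(bits):  # deployment cost, plus a penalty if the goal is still reachable
    spend = sum(CMS[i][0] for i, b in enumerate(bits) if b)
    return spend + (PENALTY if goal_reachable(bits) else 0)

def local_search(bits):
    """Drop countermeasures, dearest first, while the goal stays cut off."""
    for i in sorted(range(len(bits)), key=lambda i: -CMS[i][0]):
        trial = bits[:i] + [0] + bits[i + 1:]
        if bits[i] and not goal_reachable(trial):
            bits = trial
    return bits

def run_ga(pop_size=20, generations=40, p_mut=0.1, seed=1):
    rng, n = random.Random(seed), len(CMS)
    pop = [[rng.randint(0, 1) for _ in range(n)] for _ in range(pop_size - 1)]
    pop.append([1] * n)  # deploying everything is always a feasible start
    for _ in range(generations):
        nxt = [min(pop, key=fitness)]  # elitism
        while len(nxt) < pop_size:
            a, b = (min(rng.sample(pop, 2), key=fitness) for _ in range(2))
            cut = rng.randrange(1, n)  # one-point crossover
            child = [g ^ (rng.random() < p_mut) for g in a[:cut] + b[cut:]]
            nxt.append(child if goal_reachable(child) else local_search(child))
        pop = nxt
    return local_search(min(pop, key=fitness))
```

On this constructed graph the cheapest cut is the two overlapping countermeasures at indices 2 and 3 (cost 6), cheaper than the single countermeasure that covers the same three exploits (cost 7).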
