Analysis and visualization of large complex attack graphs for networks security

Hongda Chen; Genshe Chen; Erik Blasch; Martin Kruger; Irma Sityar

doi:10.1117/12.720035

Translator Disclaimer

9 April 2007 Analysis and visualization of large complex attack graphs for networks security

Hongda Chen; Genshe Chen; Erik Blasch; Martin Kruger; Irma Sityar

Author Affiliations +

Proceedings Volume 6570, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2007; 657004 (2007) https://doi.org/10.1117/12.720035
Event: Defense and Security Symposium, 2007, Orlando, Florida, United States

Abstract

In this paper, we have proposed a comprehensive and innovative approach for analysis and visualization of large complex multi-step cyber attack graphs. As an automated tool for cyber attack detection, prediction, and visualization, the newly proposed method transforms large quantities of network security data into real-time actionable intelligence, which can be used to (1) provide guidance on network hardening to prevent attacks, (2) perform real-time attack event correlation during active attacks, and (3) formulate post-attack responses. We show that it is possible to visualize the complex graphs, including all possible network attack paths while still keeping complexity manageable. The proposed analysis and visualization tool provides an efficient and effective solution for predicting potential attacks upon observed intrusion evidence, as well as interactive multi-resolution views such that an analyst can first obtain high-level overviews quickly, and then drill down to specific details.

Citation Download Citation

Hongda Chen, Genshe Chen, Erik Blasch, Martin Kruger, and Irma Sityar "Analysis and visualization of large complex attack graphs for networks security", Proc. SPIE 6570, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2007, 657004 (9 April 2007); https://doi.org/10.1117/12.720035

ACCESS THE FULL ARTICLE