GENERATING A MULTIPLE-PREREQUISITE ATTACK GRAPH

  • US 20090293128A1
  • Filed: 06/08/2007
  • Published: 11/26/2009
  • Est. Priority Date: 06/09/2006
  • Status: Active Grant
First Claim

1. A method to generate an attack graph, comprising:

  • selecting a first state node as a starting point of a cyber attack, the first state node corresponding to access to a first host in a network;

    coupling the first state node to a first prerequisite node having a first precondition satisfied by the first state node using a first edge;

    coupling the first prerequisite node to a first vulnerability instance node having a second precondition satisfied by the first prerequisite node using a second edge;

    coupling the first vulnerability instance node to a second state node having a third precondition satisfied by the first vulnerability instance node using a third edge;

    determining if a potential node, having a fourth precondition satisfied by a current node on the attack graph, provides a fifth precondition equivalent to one of preconditions provided by a group of preexisting nodes, the group of preexisting nodes comprising the first state node, the first vulnerability instance node, the first prerequisite node and the second state node;

    if the fifth precondition is equivalent to one of the preconditions provided by the group of preexisting nodes, coupling the current node to a preexisting node providing the precondition equivalent to the fifth precondition using a fourth edge; and

    if the fifth precondition is not equivalent to one of the preconditions provided by the group of preexisting nodes, generating the potential node as a new node on the attack graph; and

    coupling the new node to the current node using a fifth edge.
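
The claimed construction, sketched as an added example that is not code from the patent: a breadth-first build over state, prerequisite and vulnerability instance nodes that reuses a preexisting node whenever a potential node would provide an equivalent precondition. The hosts, ports, vulnerability names and the REACH/VULNS model are constructed assumptions; prerequisites are modeled as reachability to a host and port, and tuple equality stands in for "equivalent precondition".

```python
from collections import deque

# Constructed sample network (assumption, not from the patent).
# REACH[host] = (host, port) pairs that access to `host` lets you connect to.
REACH = {
    "attacker": {("web", 80)},
    "web": {("app", 22), ("db", 3306)},
    "app": {("db", 3306)},
    "db": {("web", 80)},          # back-edge: forms a cycle in the network
}
# Vulnerability instances (hypothetical names): (name, host, port) -> host gained.
VULNS = {
    ("vuln-A", "web", 80): "web",
    ("vuln-B", "app", 22): "app",
    ("vuln-C", "db", 3306): "db",
}

def build_mp_graph(start):
    """Return (nodes, edges, reused) for an attack starting with access to `start`."""
    first = ("state", start)
    nodes, edges, reused = {first}, [], []
    queue = deque([first])

    def couple(current, potential):
        # If a preexisting node already provides this precondition, point at it;
        # otherwise generate the potential node as a new node and explore it later.
        if potential in nodes:
            reused.append((current, potential))
        else:
            nodes.add(potential)
            queue.append(potential)
        edges.append((current, potential))

    while queue:
        node = queue.popleft()
        kind, rest = node[0], node[1:]
        if kind == "state":       # state -> prerequisites it satisfies
            for host, port in sorted(REACH[rest[0]]):
                couple(node, ("prereq", host, port))
        elif kind == "prereq":    # prerequisite -> vulnerability instances it enables
            for name, host, port in sorted(VULNS):
                if (host, port) == rest:
                    couple(node, ("vuln", name, host, port))
        else:                     # vulnerability instance -> state it yields
            couple(node, ("state", VULNS[rest]))
    return nodes, edges, reused

if __name__ == "__main__":
    n, e, r = build_mp_graph("attacker")
    print(len(n), "nodes,", len(e), "edges; reused targets:", [t for _, t in r])
```

Because each precondition appears as one node, the cycle between "db" and "web" adds an edge to an existing node instead of a new subtree, so the build terminates.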
