Cyclic Bayesian Attack Graphs: A Systematic Computational Approach
- Submitting institution
-
University of Newcastle upon Tyne
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 273227-130746-1292
- Type
- E - Conference contribution
- DOI
-
10.1109/TrustCom50675.2020.00030
- Title of conference / published proceedings
- 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom 2020)
- First page
- 129
- Volume
- -
- Issue
- -
- ISSN
- 2324-9013
- Open access status
- Compliant
- Month of publication
- December
- Year of publication
- 2020
- URL
-
http://ieee-trustcom.org/share2020/AdvanceProgram.pdf
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
3
- Research group(s)
-
E - Secure and Resilient Systems
- Citation count
- -
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- Bayesian attack graphs are useful to assess the relative importance of attack scenarios and prioritize security measures accordingly. Attack graphs generated by network scanning tools are normally cyclic and therefore cannot be solved as a Bayesian network. This paper uses a formal probabilistic approach to resolve in a systemic manner how to solve attack graphs with cycles. Ours is the first approach that does not rely on removing arcs from the graphs (which would change the model). It is exact for acyclic models, can be applied to any cyclic attack graph, and exhibits a natural intuitive interpretation.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -