Ranking vulnerability fixes using planning graph analysis Academic Article uri icon

abstract

  • Abstract During the past years logical attack graphs were used to find the most critical vulnerabilities and devise efficient hardening strategies for organizational networks. Most techniques for ranking vulnerabilities either do not scale well, eg brute-force attack plan enumeration, or are not well suited for the analysis of logical attack graphs, eg centrality measures. In this paper we suggest an analysis of the planning graph (from classical planning) derived from the logical attack graph to improve the accuracy of centrality …

publication date

  • January 1, 2017