More Web Proxy on the site http://driver.im/

research-article

Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR

Authors:

Richard Lippmann,

Stephen BoyerAuthors Info & Claims

VizSec '10: Proceedings of the Seventh International Symposium on Visualization for Cyber Security

Pages 22 - 33

https://doi.org/10.1145/1850795.1850798

Published: 14 September 2010 Publication History

Abstract

A new tool named NAVIGATOR (Network Asset VIsualization: Graphs, ATtacks, Operational Recommendations) adds significant capabilities to earlier work in attack graph visualization. Using NAVIGATOR, users can visualize the effect of server-side, client-side, credential-based, and trust-based attacks. By varying the attacker model, NAVIGATOR can show the current state of the network as well as hypothetical future situations, allowing for advance planning. Furthermore, NAVIGATOR explicitly shows network topology, infrastructure devices, and host-level data while still conveying situational awareness of the network as a whole. This tool is implemented in Java and uses an existing C++ engine for reachability and attack graph calculations.

References

[1]

National vulnerability database, NIST. http://nvd.nist.gov/, March 2010.

[2]

RedSeal systems. http://www.redseal.net, March 2010.

[3]

Skybox security. http://www.skyboxsecurity.com, March 2010.

[4]

D. Barrera and P. van Oorschot. Security visualization tools and IPv6 addresses. In 6th International Workshop on Visualization for Cyber Security (VizSec), 2009.

[5]

B. B. Bederson, B. Shneiderman, and M. Wattenberg. Ordered and quantum treemaps: Making effective use of 2d space to display hierarchies. ACM Trans. Graph., 21(4):833--854, 2002.

Digital Library

[6]

J. Glanfield, S. Brooks, T. Taylor, D. Paterson, C. Smith, C. Gates, and J. McHugh. Over flow: An overview visualization for network analysis. In 6th International Workshop on Visualization for Cyber Security (VizSec), pages 11--19, 2009.

[7]

D. Holten. Hierarchical edge bundles: Visualization of adjacency relations in hierarchical data. IEEE Transactions on Visualization and Computer Graphics, 12:741--748, 2006.

Digital Library

[8]

J. Homer, A. Varikuti, X. Ou, and M. A. McQueen. Improving attack graph visualization through data reduction and attack grouping. In 5th International Workshop on Visualization for Cyber Security (VizSec), pages 68--79, 2008.

Digital Library

[9]

K. Ingols, M. Chu, R. Lippmann, S. Webster, and S. Boyer. Modeling modern network attacks and countermeasures using attack graphs. In ACSAC. IEEE Computer Society, 2009.

Digital Library

[10]

K. Ingols, R. Lippmann, and K. Piwowarski. Practical attack graph generation for network defense. In ACSAC, pages 121--130. IEEE Computer Society, 2006.

Digital Library

[11]

R. Lippmann et al. Validating and restoring defense in depth using attack graphs. In IEEE Military Communications Conference (MILCOM), 2006.

Digital Library

[12]

S. Morrissey and G. Grinstein. Visualizing firewall configurations using created voids. In 6th International Workshop on Visualization for Cyber Security (VizSec), pages 75--79, 2009.

[13]

S. O'Hare, S. Noel, and K. Prole. A graph-theoretic visualization approach to network risk analysis. In 5th International Workshop on Visualization for Cyber Security (VizSec), pages 60--67, 2008.

Digital Library

[14]

D. Phan, L. Xiao, R. Yeh, P. Hanrahan, and T. Winograd. Flow map layout. In Proceedings of the IEEE Symposium on Information Visualization 2005, pages 219--224, 2005.

Digital Library

[15]

T. Taylor, D. Paterson, J. Glanfield, C. Gates, S. Brooks, and J. McHugh. Flovis: Flow visualization system. Conference For Homeland Security, 2009. CATCH '09. Cybersecurity Applications Technology, pages 186--198, 2009.

Digital Library

[16]

L. Williams, R. Lippmann, and K. Ingols. GARNET: A graphical attack graph and reachability network evaluation tool. In 5th International Workshop on Visualization for Cyber Security (VizSec), pages 44--59, 2008.

Digital Library

Cited By

Chimuco FSequeiros JSimōes TFreire MInácio P(2024)Expediting the design and development of secure cloud-based mobile appsInternational Journal of Information Security10.1007/s10207-024-00880-623:4(3043-3064)Online publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1007/s10207-024-00880-6
Engström VJohnson PLagerström RRingdahl EWällstedt M(2023)Automated Security Assessments of Amazon Web Services EnvironmentsACM Transactions on Privacy and Security10.1145/357090326:2(1-31)Online publication date: 13-Mar-2023
https://dl.acm.org/doi/10.1145/3570903
Callahan DCurry TDavidson HZitoun HFuller BMichel L(2023)FASHION: Functional and Attack Graph Secured HybrId Optimization of Virtualized NetworksIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.319884320:4(3093-3109)Online publication date: 1-Jul-2023
https://doi.org/10.1109/TDSC.2022.3198843
Show More Cited By

Index Terms

Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR
1. Human-centered computing
  1. Human computer interaction (HCI)
2. Networks
  1. Network services

Recommendations

GARNET: A Graphical Attack Graph and Reachability Network Evaluation Tool
VizSec '08: Proceedings of the 5th international workshop on Visualization for Computer Security

Attack graphs enable computation of important network security metrics by revealing potential attack paths an adversary could use to gain control of network assets. This paper presents GARNET (Graphical Attack graph and Reachability Network Evaluation ...
A planner-based approach to generate and analyze minimal attack graph

In the present scenario, even well administered networks are susceptible to sophisticated cyber attacks. Such attack combines vulnerabilities existing on different systems/services and are potentially more harmful than single point attacks. One of the ...
A Graph-Theoretic Visualization Approach to Network Risk Analysis
VizSec '08: Proceedings of the 5th international workshop on Visualization for Computer Security

This paper describes a software system that provides significant new capabilities for visualization and analysis of network attack graphs produced through Topological Vulnerability Analysis (TVA). The TVA approach draws on a database of known exploits ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

VizSec '10: Proceedings of the Seventh International Symposium on Visualization for Cyber Security

September 2010

123 pages

ISBN:9781450300131

DOI:10.1145/1850795

General Chair:
John Gerth
Stanford University

Copyright © 2010 ACM acknowledges that this contribution was authored or co-authored by a contractor or affiliate of the U.S. Government.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 September 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

U.S. Air Force

Conference

VizSec '10

VizSec '10: 7th International Symposium on Visualization for Cyber Security

September 14, 2010

Ontario, Ottawa, Canada

Acceptance Rates

VizSec '10 Paper Acceptance Rate 12 of 27 submissions, 44%;

Overall Acceptance Rate 39 of 111 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

41
Total Citations
View Citations
920
Total Downloads

Downloads (Last 12 months)21
Downloads (Last 6 weeks)2

Reflects downloads up to 12 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Chimuco FSequeiros JSimōes TFreire MInácio P(2024)Expediting the design and development of secure cloud-based mobile appsInternational Journal of Information Security10.1007/s10207-024-00880-623:4(3043-3064)Online publication date: 1-Aug-2024
https://dl.acm.org/doi/10.1007/s10207-024-00880-6
Engström VJohnson PLagerström RRingdahl EWällstedt M(2023)Automated Security Assessments of Amazon Web Services EnvironmentsACM Transactions on Privacy and Security10.1145/357090326:2(1-31)Online publication date: 13-Mar-2023
https://dl.acm.org/doi/10.1145/3570903
Callahan DCurry TDavidson HZitoun HFuller BMichel L(2023)FASHION: Functional and Attack Graph Secured HybrId Optimization of Virtualized NetworksIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.319884320:4(3093-3109)Online publication date: 1-Jul-2023
https://doi.org/10.1109/TDSC.2022.3198843
Rabzelj MBohak CJužnič LKos ASedlar U(2023)Cyberattack Graph Modeling for Visual AnalyticsIEEE Access10.1109/ACCESS.2023.330464011(86910-86944)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3304640
Zenitani K(2023)Attack graph analysisComputers and Security10.1016/j.cose.2022.103081126:COnline publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1016/j.cose.2022.103081
Cody T(2022)A Layered Reference Model for Penetration Testing with Reinforcement Learning and Attack Graphs2022 IEEE 29th Annual Software Technology Conference (STC)10.1109/STC55697.2022.00015(41-50)Online publication date: Oct-2022
https://doi.org/10.1109/STC55697.2022.00015
An SLeung AHong JEom TPark J(2022)Toward Automated Security Analysis and Enforcement for Cloud Computing Using Graphical Models for SecurityIEEE Access10.1109/ACCESS.2022.319054510(75117-75134)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3190545
Hacks SKaczmarek-Heß Mde Kinderen STöpel D(2022)A Multi-level Cyber-Security Reference Model in Support of Vulnerability AnalysisEnterprise Design, Operations, and Computing10.1007/978-3-031-17604-3_2(19-35)Online publication date: 28-Sep-2022
https://doi.org/10.1007/978-3-031-17604-3_2
Nadeem AVerwer SYang S(2021)SAGE: Intrusion Alert-driven Attack Graph Extractor2021 IEEE Symposium on Visualization for Cyber Security (VizSec)10.1109/VizSec53666.2021.00009(36-41)Online publication date: Oct-2021
https://doi.org/10.1109/VizSec53666.2021.00009
Angelini MBlasilli GBonomi SLenti SPalleschi ASantucci GPaoli E(2021)BUCEPHALUS: a BUsiness CEntric cybersecurity Platform for proActive anaLysis Using visual analyticS2021 IEEE Symposium on Visualization for Cyber Security (VizSec)10.1109/VizSec53666.2021.00007(15-25)Online publication date: Oct-2021
https://doi.org/10.1109/VizSec53666.2021.00007
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents