9.6. Attack Graph Analysis

Attack graphs serve as the basis of further analysis in several areas of network security, including intrusion detection, defense, and forensic analysis. System administrators use attack graphs for the following reasons:

  • To gather information: Attack graphs can answer questions like “What attacks is my system vulnerable to?” and “From an initial configuration, how many different ways can an intruder reach a final state to achieve his or her goal?”

  • To make decisions: Attack graphs can answer questions like “Which set of actions should I prevent to ensure the intruder cannot achieve his or her goal?” or “Which set of security measures should I deploy to ensure the intruder cannot achieve his or her goal?”

Since we can ...

Get Information Assurance now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.