State Space Explosion Mitigation for Large-Scale Attack and Compliance Graphs Using Synchronous Exploit Firing

IEEE Open Journal of the Computer Society Pub Date : 2023-03-16 DOI:10.1109/OJCS.2023.3276370

Noah L. Schrick;Peter J. Hawrylak

{"title":"State Space Explosion Mitigation for Large-Scale Attack and Compliance Graphs Using Synchronous Exploit Firing","authors":"Noah L. Schrick;Peter J. Hawrylak","doi":"10.1109/OJCS.2023.3276370","DOIUrl":null,"url":null,"abstract":"Attack and compliance graphs are useful tools for cybersecurity and regulatory or compliance analysis. Thgraphs represent the state of a system or a set of systems, and can be used to identify all current or future ways the systems are compromised or at risk of violating regulatory or compliance mandates. However, due to their exhaustiveness and thorough permutation checking, these graphs suffer from state space explosion - the graphs rapidly increase in the total number of states, and likewise, their generation time also rapidly increases. This state space explosion in turn also slows the analysis process. This work introduces a mitigation technique called synchronous firing, where graph users and designers can prevent the generation of infeasible states by firing exploits simultaneously through joining inseparable features like time. This feature does not invalidate the integrity of the resulting attack or compliance graph by altering the exhaustiveness or permutation checking of the generation process, but rather jointly fires exploits through their defined inseparable features.","PeriodicalId":13205,"journal":{"name":"IEEE Open Journal of the Computer Society","volume":"4 ","pages":"147-157"},"PeriodicalIF":0.0000,"publicationDate":"2023-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/iel7/8782664/10016900/10124989.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of the Computer Society","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/10124989/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Attack and compliance graphs are useful tools for cybersecurity and regulatory or compliance analysis. Thgraphs represent the state of a system or a set of systems, and can be used to identify all current or future ways the systems are compromised or at risk of violating regulatory or compliance mandates. However, due to their exhaustiveness and thorough permutation checking, these graphs suffer from state space explosion - the graphs rapidly increase in the total number of states, and likewise, their generation time also rapidly increases. This state space explosion in turn also slows the analysis process. This work introduces a mitigation technique called synchronous firing, where graph users and designers can prevent the generation of infeasible states by firing exploits simultaneously through joining inseparable features like time. This feature does not invalidate the integrity of the resulting attack or compliance graph by altering the exhaustiveness or permutation checking of the generation process, but rather jointly fires exploits through their defined inseparable features.

查看原文本刊更多论文

大规模攻击的状态空间爆炸缓解和使用同步攻击射击的柔顺图

攻击和合规图是网络安全和监管或合规分析的有用工具。这些图表表示一个系统或一组系统的状态，可用于识别系统受到损害或有违反监管或合规规定风险的所有当前或未来方式。然而，由于它们的穷尽性和彻底的排列检查，这些图受到状态空间爆炸的影响——图的状态总数迅速增加，同样，它们的生成时间也迅速增加。这种状态空间爆炸反过来也减慢了分析过程。这项工作引入了一种称为同步激发的缓解技术，在该技术中，图形用户和设计者可以通过连接时间等不可分割的特征来同时激发漏洞，从而防止不可行状态的产生。该功能不会通过改变生成过程的穷尽性或排列检查来使生成的攻击或合规图的完整性失效，而是通过其定义的不可分割特征来联合激发利用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Open Journal of the Computer Society

CiteScore

12.60

自引率

0.00%

发文量