攻击图的正式方法

IF 1 4区计算机科学 Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Annals of Mathematics and Artificial Intelligence Pub Date : 2025-01-02 DOI:10.1007/s10472-024-09959-1

Davide Catta, Jean Leneutre, Vadim Malvone, Aniello Murano

{"title":"攻击图的正式方法","authors":"Davide Catta, Jean Leneutre, Vadim Malvone, Aniello Murano","doi":"10.1007/s10472-024-09959-1","DOIUrl":null,"url":null,"abstract":"<div><p>An attack graph is a concise portrayal of the various paths within an open system that enable an attacker to reach a prohibited state (such as gaining access to a restricted resource), despite the system’s preventive measures. The assessment of system vulnerability involves examining the presence of such paths. In this work, we analyze attack graphs using a game-theoretic approach. Specifically, we introduce a well-suited game model that represents the dynamics between the system and the attacker, and propose an automata-based solution to demonstrate the absence of vulnerability.</p></div>","PeriodicalId":7971,"journal":{"name":"Annals of Mathematics and Artificial Intelligence","volume":"93 4","pages":"589 - 610"},"PeriodicalIF":1.0000,"publicationDate":"2025-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A formal approach to attack graphs\",\"authors\":\"Davide Catta, Jean Leneutre, Vadim Malvone, Aniello Murano\",\"doi\":\"10.1007/s10472-024-09959-1\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>An attack graph is a concise portrayal of the various paths within an open system that enable an attacker to reach a prohibited state (such as gaining access to a restricted resource), despite the system’s preventive measures. The assessment of system vulnerability involves examining the presence of such paths. In this work, we analyze attack graphs using a game-theoretic approach. Specifically, we introduce a well-suited game model that represents the dynamics between the system and the attacker, and propose an automata-based solution to demonstrate the absence of vulnerability.</p></div>\",\"PeriodicalId\":7971,\"journal\":{\"name\":\"Annals of Mathematics and Artificial Intelligence\",\"volume\":\"93 4\",\"pages\":\"589 - 610\"},\"PeriodicalIF\":1.0000,\"publicationDate\":\"2025-01-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Annals of Mathematics and Artificial Intelligence\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://link.springer.com/article/10.1007/s10472-024-09959-1\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Annals of Mathematics and Artificial Intelligence","FirstCategoryId":"94","ListUrlMain":"https://link.springer.com/article/10.1007/s10472-024-09959-1","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

摘要

攻击图是开放系统内各种路径的简明描述，这些路径使攻击者能够达到禁止状态（例如访问受限制的资源），尽管系统采取了预防措施。系统脆弱性的评估包括检查这些路径的存在。在这项工作中，我们使用博弈论方法分析攻击图。具体来说，我们引入了一个非常适合的游戏模型，它代表了系统和攻击者之间的动态，并提出了一个基于自动机的解决方案来证明不存在漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A formal approach to attack graphs

An attack graph is a concise portrayal of the various paths within an open system that enable an attacker to reach a prohibited state (such as gaining access to a restricted resource), despite the system’s preventive measures. The assessment of system vulnerability involves examining the presence of such paths. In this work, we analyze attack graphs using a game-theoretic approach. Specifically, we introduce a well-suited game model that represents the dynamics between the system and the attacker, and propose an automata-based solution to demonstrate the absence of vulnerability.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Annals of Mathematics and Artificial Intelligence 工程技术-计算机：人工智能

CiteScore

3.00

自引率

8.30%

发文量

审稿时长

>12 weeks

期刊介绍： Annals of Mathematics and Artificial Intelligence presents a range of topics of concern to scholars applying quantitative, combinatorial, logical, algebraic and algorithmic methods to diverse areas of Artificial Intelligence, from decision support, automated deduction, and reasoning, to knowledge-based systems, machine learning, computer vision, robotics and planning. The journal features collections of papers appearing either in volumes (400 pages) or in separate issues (100-300 pages), which focus on one topic and have one or more guest editors. Annals of Mathematics and Artificial Intelligence hopes to influence the spawning of new areas of applied mathematics and strengthen the scientific underpinnings of Artificial Intelligence.