The Cyberattack Simulation by Graph Theory

Abstract

The article deals with a complex model of cyberattack based on graph theory, which combines the classical concepts of modeling complex attacks with extensions that take into account the vulnerabilities of system individual components and the network status of the components. An example of ttack scenario assessment is given and conclusions are drawn about the possibility of using the model to predict the consequences of the attack.

Keywords: cyberattack, vulnerability, attack graph, dependency graph, game model, system topology.

References
1. Сердюк В.А. Анализ современных тенденций построения моделей информационных атак / В.А. Сердюк // Информационные технологии. ‒ 2004. ‒ № 5. ‒ С. 94‒101.
2. Абрамов Е.С., Андреев А.В., Мордвин Д. В. Применение графов атак для моделирования вредоносных сетевых воздействий // Известия Южного федерального университета. Технические науки. ‒ 2012, № 5. ‒ C. 165‒173.
3. Колегов Д.Н. Проблемы синтеза и анализа графов атак. https://www.securitylab.ru/contest/299868.php.%202007?R=1.
4. Duong T.V., Bui H.H., Phung D.Q., et al. Activity recognition and abnormality detection with the switching hidden semimarkov model // In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR 2005), volume 1. San Diego, CA, USA, pp. 838–845.
5. Коломеец М.В. Чечулин А.А. Дойникова Е.В. Котенко И.В. Методика визуализации метрик кибербезопасности // Изв. вузов. Приборостроение. ‒ 2018. ‒ Т. 61, № 10. ‒ С. 873‒879.
6. Albanese M., Chellappa R., Moscato V., et al. A constrained probabilistic petri net framework for human activity detection in video.IEEE Transactions on ultimedia. ‒ 2008; 10(8): 1429–1443.
7. Kotenko I.V., Chechulin А.А. The use of attack to evaluate the security of computer networks and analysis of security events [Primenenie grafov atak dlya otsenki zashchishchennosti komp’yuternykh setey i analiza sobytiy bezopasnosti], Sistemy vysokoy dostupnosti [High Availability Systems]. ‒ 2013, Vol. 9, no. 3. ‒ pp. 103‒110.
8. Massimiliano Albanese and Sushil Jajodia. A Graphical Model to Assess the Impact of Multi-Step Attacks. Journal of Defense Modeling and Simulation: Applications, Methodology, Technologyб 2018, Vol. 15(1). ‒ P. 79–93.