Abstract :
As a network system dependencies increase, such systems are vulnerable due to some software misconfigurations, software flaws, and operating system service malfunctions and are exposed to various attacks. Network managers frequently rely on Attack Graphs to visually perform network systems security risk assessment. The Attack Graphs are very cumbersome to comprehend visually as they develop exponentially when network size rises or when vulnerabilities in a network increase in the number of hosts. This paper addresses the Attack Graph generation's scalability problems by leveraging the context of graph theory. MulVAL and Nessus scanner instruments were used respectively for Attack Graph generation and mapping of network data. A computational algorithm has been formulated which is capable of handling cycles. A valid path detection algorithm was also formulated to determine the most critical and valid paths required for the security risk assessment of the network purpose within an Attack Graph. The results showed that the Attack Graphs' proposed model reduces redundancy. This will help the security administrator make reasonable decisions on the network systems' security risk management.
Keyword :
Graph, Cycles, Critical Path, Attack, Risk Management, Security