
Abstract

Organisations and governments constantly face potential security attacks. However, the need for next-generation cyber defence has become even more urgent in a day and age when the attack surfaces that hackers can exploit have grown at an alarming rate with the increase in the number of devices connected to the Internet. As such, next-generation cyber defence that relies on predictive analysis is more proactive than existing technologies that rely on intrusion detection. Many approaches with which to detect and predict attacks have been proposed in recent times. One such approach is attack graphs. The primary purpose of an attack graph is to predict not only an attack but also its next steps within a network. More specifically, an attack graph depicts the paths that an attacker may employ to circumvent network policies by exploiting interdependencies between vulnerabilities. However, extant attack graphs are plagued with a few issues. Scalability is just one of the main issues that attack graph generation faces. This is because an increase in the number of devices used increases the number of vulnerabilities within a network. This, in turn, increases the complexity as well as the amount of time required to generate an attack graph. At present, existing studies that have used attack graphs to predict the subsequent steps during an attack have had to manually assign the attack location for attack graph analysis. In order to overcome this limitation, the present study recommends the use of intelligent agents to reduce reachability time by calculating between the nodes, as well as the use of the A* prune algorithm to remove useless edges and reduce attack graph complexity. For the attack graph analysis, the random forest (RF) algorithm was used to detect, predict, and dynamically ascertain the attack location in the network.
The results of the attack graph generation experiment revealed that the A* prune attack graph produced better results than existing attack graphs.

Creative Commons License

This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
