Process risk calculation based on hardness of attack paths

Process risk calculation based on hardness of attack paths

Implementations are directed to receiving analytical attack graph (AAG) data representative of one or more AAGs, each AAG representing one or more lateral paths between configuration items within an enterprise network, calculating, for each configuration item in a set of configuration items, a proce...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Hassanzadeh, Amin, Ullah, MD Sharif, Nayak, Anup
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Implementations are directed to receiving analytical attack graph (AAG) data representative of one or more AAGs, each AAG representing one or more lateral paths between configuration items within an enterprise network, calculating, for each configuration item in a set of configuration items, a process risk value for each impact in a set of impacts achievable within the configuration item, for a first impact, a first process risk value being calculated based on a multi-path formula in response to determining that multiple paths in the AAG lead to the first impact, and, for a second impact, a second process risk value being calculated based on a single-path formula in response to determining that a single path in the AAG leads to the second impact, and determining that at least one process risk value exceeds a threshold process risk value, and in response, adjusting one or more security controls within the enterprise network.