DISCOVERING CYBER-ATTACK PROCESS MODEL BASED ON ANALYTICAL ATTACK GRAPHS

DISCOVERING CYBER-ATTACK PROCESS MODEL BASED ON ANALYTICAL ATTACK GRAPHS

Implementations of the present disclosure include receiving analytical attack graph data representative of an analytical attack graph, the analytical attack graph including: one or more rule nodes each representing a network configuration rule; and one or more impact nodes each representing an impac...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Hadad, Moshe, Basovskiy, Alexander, Engelberg, Gal
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Implementations of the present disclosure include receiving analytical attack graph data representative of an analytical attack graph, the analytical attack graph including: one or more rule nodes each representing a network configuration rule; and one or more impact nodes each representing an impact of one or more respective network configuration rules; converting the analytical attack graph to a tactic graph including one or more tactic nodes, each tactic node representing at least one rule node and at least one impact node; determining one or more paths of the tactic graph that lead to a particular network impact; generating a process model based on the paths that lead to the particular network impact, the process model representing network activity for execution of a process that leads to the particular network impact; and executing one or more remedial actions based on the process model to mitigate cyber-security risk to the enterprise network.