Augmenting MulVAL with Automated Extraction of Vulnerabilities Descriptions

Augmenting MulVAL with Automated Extraction of Vulnerabilities Descriptions
Title:
Augmenting MulVAL with Automated Extraction of Vulnerabilities Descriptions
Other Titles:
IEEE TENCON2017
DOI:
Publication URL:
Publication Date:
05 November 2017
Citation:
Abstract:
Network attack graphs are a type of analysis tool that can be used to determine the impact that security vulnerabilities have on the network. It is important, then, for attack graphs to be able to represent enough information to aid this analysis. Moreover, they must be able to handle and integrate new vulnerabilities that are being discovered by the security community. We developed a prototype tool that can parse vulnerability descriptions, as provided in the CVE, to retrieve relevant information for generating interaction rules that can be incorporated into an attack graph generation software. The tool is able to parse correctly about 88.15% of sampled CVEs. Such a tool allows for the attack graphs generated to be up-to-date with any recently discovered vulnerabilities. Furthermore, the additional information provided by the generated rules enable more information to be used and represented in attack graphs in a simpler fashion, facilitating smoother analyses.
License type:
PublisherCopyrights
Funding Info:
Singapore National Research Foundation
Description:
ISBN:

Files uploaded:

File Size Format Action
mulvalcve-tencon-cameraready.pdf 541.86 KB PDF Open