9.3. Attack Graphs are Scenario Graphs
In the security community, Red Teams construct attack graphs to show how a system is vulnerable to attack. Each path in an attack graph shows a way in which an intruder can compromise the security of a system. These graphs are drawn by hand. A typical result of such intensive manual effort is a floor-to-ceiling, wall-to-wall “white board” attack graph, such as the one produced by a Red Team at Sandia National Labs for DARPA’s CC20008 information battlespace preparation experiment (Figure 9.3). Each box in the graph designates a single intruder action. A path from one of the leftmost boxes in the graph to one of the rightmost boxes is a sequence of actions corresponding to an attack scenario. At the end of ...
Get Information Assurance now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
