A practical approach to modeling vulnerabilities and assessing security risk level of a computer network
was proposed in this paper. Attack graph has been proposed by many researchers as a way to identify
critical network weaknesses, construct adversary models, evaluate network security and suggest changes to
improve security. In this work, we adopt an automatic approach in developing a logical attack graph on
Federal University of Technology Akure (FUTA) network using Bruce Schneier’s Attack Trees modeling
technique. An algorithm for auto-generating attack graphs was developed and implemented with
appropriate software technologies. The developed graph was analyzed to reveal the vulnerabilities and
threats and also to show the level of risk of attacks in the network using Meier’s techniques. Future work
proposed include using reasoning engines in conjunction with the existing techniques for modelling attacks,
thereby making the modelled graph more dynamic.
Keywords: Attack trees, attack graphs, network assets, vulnerability, security threats.
PAPER TITLE :DEVELOPMENT AND ANALYSIS OF A LOGICAL ATTACK GRAPH: CASE STUDY OF FEDERAL UNIVERSITY OF TECHNOLOGY AKURE (FUTA) NETWORK
FUTA JOURNAL OF RESEARCH IN SCIENCE | VOLUME 8 NUMBER 2 2012
Paper Details
- Author(s) : O.S. Ogundele,1 B.K. Alese,1 E.O. Ibidunmoye1 and M.O. Ajayi2
- Abstract:
