VKG2AG : Generating Automated Knowledge-Enriched Attack Graph (AG) from Vulnerability Knowledge Graph (VKG)

Md  Rakibul Hasan Talukder; Rakesh Podder; Indrajit Ray

doi:10.5220/0013526700003979

VKG2AG : Generating Automated Knowledge-Enriched Attack Graph (AG) from Vulnerability Knowledge Graph (VKG)

Md Rakibul Hasan Talukder, Rakesh Podder, Indrajit Ray

2025

Abstract

Attack Graph (AG) analysis is a well-established technique to asses security threats in networked systems. However, traditional AGs primarily rely on coarse level vulnerability information from the Common Vulnerabilities and Exposures (CVE) repository for identifying attack paths and suggesting patch-based mitigation strategies. This approach presents significant limitations, including unavailability of patches, compatibility constraints, and system downtime, leaving security analysts without viable alternatives for optimized risk mitigation. To address this challenge, we propose two new paradigms: a novel knowledge-enriched AG framework and a Vulnerability Knowledge Graph (VKG). VKG incorporate fine-grained, structured vulnerability information that allows exploration of additional attack mitigation strategies beyond vulnerability patching in the AG analysis. We formally define VKG and AG along with algorithms for automated knowledge build-up, integration, and querying. To ensure seamless interoperability, we develop an interface that facilitates dynamic knowledge transfer between VKG and AG, enabling enhanced security reasoning without introducing inter-dependencies. We evaluate our methodology on a test network and demonstrate how the knowledge-driven AG can improve security decision-making by providing system administrators with adaptable, scenario-based defense mechanisms with actionable insights.

Download

Paper Citation

in Harvard Style

Talukder M., Podder R. and Ray I. (2025). VKG2AG : Generating Automated Knowledge-Enriched Attack Graph (AG) from Vulnerability Knowledge Graph (VKG). In Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-760-3, SciTePress, pages 420-428. DOI: 10.5220/0013526700003979

in Bibtex Style

@conference{secrypt25,
author={Md Talukder and Rakesh Podder and Indrajit Ray},
title={VKG2AG : Generating Automated Knowledge-Enriched Attack Graph (AG) from Vulnerability Knowledge Graph (VKG)},
booktitle={Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2025},
pages={420-428},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013526700003979},
isbn={978-989-758-760-3},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 22nd International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - VKG2AG : Generating Automated Knowledge-Enriched Attack Graph (AG) from Vulnerability Knowledge Graph (VKG)
SN - 978-989-758-760-3
AU - Talukder M.
AU - Podder R.
AU - Ray I.
PY - 2025
SP - 420
EP - 428
DO - 10.5220/0013526700003979
PB - SciTePress