5 CONCLUSIONS
Attack graph generation systems have been researched for years, and they give good results in illustrating the security problem of a computer network as a whole, although current methods still face scalability problems. In this work, we proposed a method for correlating IDS with attack graph generation systems on virtual networks, especially where the network is built on a cloud. By integrating the LSAFID system with the mAGG system, we achieve high time efficiency for correlating intrusion detection with vulnerability indexing, and high dynamicity for partial attack graph generation. The proposed method could be applied to a virtual network with large-scale deployments.

We will keep working on cyber security problems, including the fields of IDS, attack graph generation, and others. This work will be part of our final model of a cyber security intelligence framework.