Advances in Topological Vulnerability Analysis
Currently, network administrators must rely on labor-intensive processes for tracking network configurations and vulnerabilities, which require a great deal of expertise and are error-prone. The organization of networks and the interdependencies of vulnerabilities are so complex as to make traditional vulnerability analysis inadequate. The paper describes a Topological Vulnerability Analysis (TVA) approach that analyzes vulnerability dependencies and shows all possible attack paths into a network. From models of the network vulnerabilities and potential attacker exploits, one discovers attack paths (organized as graphs) that convey the impact of individual and combined vulnerabilities on overall security. The paper provides sophisticated attack graph visualizations, with high-level overviews and drill-down into detail.
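The idea of deriving attack paths from a model of vulnerabilities and exploits can be sketched as follows. This is an added example, not code from the paper or the TVA tool: it assumes exploits are modeled as precondition/postcondition rules chained forward from the initial network state, and every host, service and condition name in it is constructed.

```python
from collections import namedtuple

# Assumed model: an exploit fires once all its preconditions hold.
Exploit = namedtuple("Exploit", "name pre post")

# Constructed network: attacker -> web server (DMZ) -> database (internal).
INITIAL = {
    "exec(attacker)",
    "conn(attacker,web)",   # firewall allows internet -> web
    "conn(web,db)",         # firewall allows web -> db
    "vuln(web,svc_A)",      # placeholder vulnerability ids
    "vuln(db,svc_B)",
}
EXPLOITS = [
    Exploit("svc_A(attacker->web)",
            {"exec(attacker)", "conn(attacker,web)", "vuln(web,svc_A)"},
            {"exec(web)"}),
    Exploit("svc_B(web->db)",
            {"exec(web)", "conn(web,db)", "vuln(db,svc_B)"},
            {"exec(db)"}),
    Exploit("svc_B(attacker->db)",
            {"exec(attacker)", "conn(attacker,db)", "vuln(db,svc_B)"},
            {"exec(db)"}),
]

def build_graph(initial, exploits):
    """Forward-chain over the model: fire every exploit whose preconditions
    hold. Returns (reachable conditions, exploits in firing order)."""
    known, fired = set(initial), []
    changed = True
    while changed:
        changed = False
        for e in exploits:
            if e not in fired and e.pre <= known:
                fired.append(e)
                known |= e.post
                changed = True
    return known, fired

def critical_conditions(initial, exploits, goal):
    """Initial conditions whose removal alone makes the goal unreachable,
    i.e. single hardening actions that cut every attack path."""
    return sorted(c for c in initial
                  if goal not in build_graph(initial - {c}, exploits)[0])
```

With the firewall rules as modeled, every initial condition is critical for reaching `exec(db)`; adding a direct `conn(attacker,db)` rule opens a second path, after which patching the web server alone no longer protects the database.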