Integrating Network and Attack Graphs for Service-Centric Impact Analysis
- URL: http://arxiv.org/abs/2507.00637v1
- Date: Tue, 01 Jul 2025 10:29:45 GMT
- Title: Integrating Network and Attack Graphs for Service-Centric Impact Analysis
- Authors: Joni Herttuainen, Vesa Kuikka, Kimmo K. Kaski
- Abstract summary: We present a novel methodology for modelling, visualising, and analysing cyber threats, attack paths, and their impact on user services in networks of digital devices and services they provide. Using probabilistic methods to track the propagation of an attack through attack graphs, via the service or application layers, and on physical communication networks, our model enables us to analyse cyber attacks at different levels of detail.
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: We present a novel methodology for modelling, visualising, and analysing cyber threats, attack paths, as well as their impact on user services in enterprise or infrastructure networks of digital devices and services they provide. Using probabilistic methods to track the propagation of an attack through attack graphs, via the service or application layers, and on physical communication networks, our model enables us to analyse cyber attacks at different levels of detail. Understanding the propagation of an attack within a service among microservices and its spread between different services or application servers could help detect and mitigate it early. We demonstrate that this network-based influence spreading modelling approach enables the evaluation of diverse attack scenarios and the development of protection and mitigation measures, taking into account the criticality of services from the user's perspective. This methodology could also aid security specialists and system administrators in making well-informed decisions regarding risk mitigation strategies.
Related papers
- A Survey on Model Extraction Attacks and Defenses for Large Language Models [55.60375624503877]
Model extraction attacks pose significant security threats to deployed language models. This survey provides a comprehensive taxonomy of extraction attacks and defenses, categorizing attacks into functionality extraction, training data extraction, and prompt-targeted attacks. We examine defense mechanisms organized into model protection, data privacy protection, and prompt-targeted strategies, evaluating their effectiveness across different deployment scenarios.
arXiv Detail & Related papers (2025-06-26T22:02:01Z)
- SPEAR: Security Posture Evaluation using AI Planner-Reasoning on Attack-Connectivity Hypergraphs [15.590901699441645]
SPEAR is a formal framework with tool support for security posture evaluation and analysis. It uses the causal formalism of AI planning to model vulnerabilities and configurations in a networked system. It identifies a set of diverse security hardening strategies that can be presented in a manner understandable to the domain expert.
arXiv Detail & Related papers (2025-06-02T00:38:47Z)
- Modern DDoS Threats and Countermeasures: Insights into Emerging Attacks and Detection Strategies [49.57278643040602]
Distributed Denial of Service (DDoS) attacks persist as significant threats to online services and infrastructure. This paper offers a comprehensive survey of emerging DDoS attacks and detection strategies over the past decade.
arXiv Detail & Related papers (2025-02-27T11:22:25Z)
- A Survey of Model Extraction Attacks and Defenses in Distributed Computing Environments [55.60375624503877]
Model Extraction Attacks (MEAs) threaten modern machine learning systems by enabling adversaries to steal models, exposing intellectual property and training data. This survey is motivated by the urgent need to understand how the unique characteristics of cloud, edge, and federated deployments shape attack vectors and defense requirements. We systematically examine the evolution of attack methodologies and defense mechanisms across these environments, demonstrating how environmental factors influence security strategies in critical sectors such as autonomous vehicles, healthcare, and financial services.
arXiv Detail & Related papers (2025-02-22T03:46:50Z)
- Threat-Specific Risk Assessment for IP Multimedia Subsystem Networks Based on Hierarchical Models [1.2189647788299218]
IP Multimedia Subsystems (IMS) networks have become increasingly critical as they form the backbone of modern telecommunications. IMS network defenders can use this model to understand their security postures taking into account the threat and risk posed by each vulnerability.
arXiv Detail & Related papers (2025-01-17T03:18:47Z)
- TabSec: A Collaborative Framework for Novel Insider Threat Detection [8.27921273043059]
In the era of the Internet of Things (IoT) and data sharing, users frequently upload their personal information to enterprise databases to enjoy enhanced service experiences.
However, the widespread presence of system vulnerabilities, remote network intrusions, and insider threats significantly increases the exposure of private enterprise data on the internet.
This paper proposes a novel threat detection framework, TabITD, to address these challenges.
arXiv Detail & Related papers (2024-11-04T04:07:16Z)
- It Is Time To Steer: A Scalable Framework for Analysis-driven Attack Graph Generation [50.06412862964449]
Attack Graph (AG) represents the best-suited solution to support cyber risk assessment for multi-step attacks on computer networks.
Current solutions propose to address the generation problem from the algorithmic perspective and postulate the analysis only after the generation is complete.
This paper rethinks the classic AG analysis through a novel workflow in which the analyst can query the system anytime.
arXiv Detail & Related papers (2023-12-27T10:44:58Z)
- Mutual-modality Adversarial Attack with Semantic Perturbation [81.66172089175346]
We propose a novel approach that generates adversarial attacks in a mutual-modality optimization scheme.
Our approach outperforms state-of-the-art attack methods and can be readily deployed as a plug-and-play solution.
arXiv Detail & Related papers (2023-12-20T05:06:01Z)
- Efficient Network Representation for GNN-based Intrusion Detection [2.321323878201932]
The last decades have seen a growth in the number of cyber-attacks with severe economic and privacy damages.
We propose a novel network representation as a graph of flows that aims to provide relevant topological information for the intrusion detection task.
We present a Graph Neural Network (GNN) based framework responsible for exploiting the proposed graph structure.
arXiv Detail & Related papers (2023-09-11T16:10:12Z)
- Forensic Data Analytics for Anomaly Detection in Evolving Networks [13.845204373507016]
Many cybercrimes and attacks have been launched in evolving networks to perform malicious activities.
This chapter presents a digital analytics framework for network anomaly detection.
Experiments on real-world evolving network data show the effectiveness of the proposed forensic data analytics solution.
arXiv Detail & Related papers (2023-08-17T20:09:33Z)
- Graph Mining for Cybersecurity: A Survey [61.505995908021525]
The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society.
Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities.
With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
arXiv Detail & Related papers (2023-04-02T08:43:03Z)
- Explainable Adversarial Attacks in Deep Neural Networks Using Activation Profiles [69.9674326582747]
This paper presents a visual framework to investigate neural network models subjected to adversarial examples.
We show how observing these elements can quickly pinpoint exploited areas in a model.
arXiv Detail & Related papers (2021-03-18T13:04:21Z)
This list is automatically generated from the titles and abstracts of the papers in this site.