Despite a significant increase in security of modern information systems, cyber attacks have become more sophisticated as attackers combine multiple vulnerabilities to penetrate networks resulting in devastating consequences. In the past, attack graphs had been important tools for analyzing and understanding how various vulnerabilities could be combined through many potential interactions and connections between network components to compromise security. Full attack graphs for a realistic network, however, can be very large and complex, making it difficult to analyze and to decide what changes should be made in the network to make it sufficiently secure. We propose in this paper a novel approach to analyze network vulnerability and to identify all the combinations of exploits that are critical to the overall security of a network. Unlike previous graph-based algorithms that generate attack trees (or graphs) to cover all possible sequences of vulnerabilities, our method directly analyzes and eliminates less critical vulnerabilities without building the actual attack graph. The proposed approach relies on a unique evaluation of a vulnerability metric defined in this paper and its effectiveness is demonstrated through an example of a network that provides voice over IP services.

• 出版日期2015-4