In modern computer networks, where sophisticated cyber attacks occur daily, timely cyber risk assessment is paramount. Attack Graphs (AGs) represent the best-suited solution to model and analyze multi-step attacks on computer networks, although they suffer from poor scalability due to their combinatorial complexity. This paper introduces an analysis-driven framework for AG generation. It enables real-time attack path analysis before AG generation completes, with quantifiable statistical significance. We further accelerate AG generation by steering it with the analysis query and by supporting a novel workflow in which the analyst can query the system at any time. To show the capabilities of the proposed framework, we perform an extensive quantitative validation and present a realistic case study on networks of unprecedented size. These demonstrate the advantages of our approach in terms of scalability and fit to common attack path analyses.