Organizations employ various adversary models in order to assess the risk and potential impact of attacks on their networks. Attack graphs represent vulnerabilities and actions an attacker can take to identify and compromise an organization's assets. Attack graphs facilitate both visual presentation and algorithmic analysis of attack scenarios in the form of attack paths. MulVAL is a generic open-source framework for constructing logical attack graphs, which has been widely used by researchers and practitioners and extended by them with additional attack scenarios. This paper surveys all of the existing MulVAL extensions, and maps all MulVAL interaction rules to MITRE ATT&CK Techniques to estimate their attack scenarios coverage. This survey aligns current MulVAL extensions along unified ontological concepts and highlights the existing gaps. It paves the way for methodical improvement of MulVAL and the comprehensive modeling of the entire landscape of adversarial behaviors captured in MITRE ATT&CK.
翻译:攻击图代表攻击者识别和损害一个组织的资产时可以采取的脆弱性和行动。攻击图有助于以攻击路径的形式对攻击情景进行视觉展示和算法分析。Mulval是一个通用的开放源框架,用于构建逻辑攻击图,研究人员和从业者广泛使用这些图表,并随其他攻击假想而扩展。本文调查了所有现有的穆尔瓦尔扩展,并绘制了穆尔瓦尔与MITREATT & CK技术的所有互动规则,以估计其攻击假想的覆盖范围。这次调查将目前的穆尔瓦尔扩展与统一的理论概念相协调,并突出现有差距。它为以方法改进穆尔瓦尔以及全面模拟MITREATT&CK所捕捉的整个敌对行为环境铺平了道路。
相关内容
- Today (iOS and OS X): widgets for the Today view of Notification Center
- Share (iOS and OS X): post content to web services or share content with others
- Actions (iOS and OS X): app extensions to view or manipulate inside another app
- Photo Editing (iOS): edit a photo or video in Apple's Photos app with extensions from a third-party apps
- Finder Sync (OS X): remote file storage in the Finder with support for Finder content annotation
- Storage Provider (iOS): an interface between files inside an app and other apps on a user's device
- Custom Keyboard (iOS): system-wide alternative keyboards
Source: iOS 8 Extensions: Apple’s Plan for a Powerful App Ecosystem
微信扫码咨询专知VIP会员