Using Attack Graphs in Forensic Examinations

Attack graphs are used to compute potential attack paths from a system configuration and known vulnerabilities of a system.

Abstract-attack graphs are used to compute potential attack paths from a system configuration and known vulnerabilities of a system. Attack graphs can be used to determine known vulnerability sequences that were exploited to launch the attacks and help forensic examiners in identifying many potential attack paths. After an attack happens, forensic analysis, including linking evidence with attacks, helps further understand and refine the attack scenario that was launched. Given that there are anti-forensic tools that can obfuscate, minimize or eliminate attack footprints, forensic analysis becomes harder. As a solution, the authors propose to apply attack graph to forensic analysis. They do so by including anti-forensic capabilities into attack graphs, so that the missing evidence can be explained by using longer attack paths that erase potential evidence. The authors show this capability in an explicit case study involving a Database attack.

The attached zip file includes:

Intro Page.pdf
Terms and Conditions.pdf
UsingAttackGraphs.pdf

5G and Industrial Automation: Practical Use Cases

Is 5G Enough to Boost the Metaverse?

Building a Private 5G Network for Your Business

5G and AI: Ushering in New Tech Innovation

The Role of 5G in the Sustainability Fight

Using Attack Graphs in Forensic Examinations

Using Attack Graphs in Forensic Examinations

Get the Free Newsletter!

Latest Articles

How DeFi is Reshaping the Future of Finance

Enterprise Software Startups: What It Takes To Get VC Funding

Top RPA Tools 2022: Robotic Process Automation Software

Advertisers

Menu

Our Brands