Validating and restoring defense in depth using attack graphs

Keywords: firewall, defense in depth, network security.

The threat identification model, called the Attack State Transition Graph and Real-Time Attack State Graph, is constructed using an Expanded Finite-State Automaton.

The defense-in-depth strategy for networks is considered. Modeling networks with over 50,000 hosts demonstrates that this approach can be successfully transferred to the corporate network scale.

To design defense in depth, organizations rely on best practices and isolated product reviews, with no way to determine the marginal benefit of additional security products.

We propose empirically testing security products' detection rates by linking multiple pieces of data, such as network traffic, executable files, and an email, to the attack that generated all the data.
