Routing the Cyber-Attack Path with the Bayesian Network Deducing Approach

It is possible that an invisible adversary can damage a physical component with the cyber-attacks such as in the Stuxnet, which plays a havoc demonstration in cyber-security. In this paper, we propose a cyber-attacks analysis model based on the Bayesian network approaches. By the construction of attack graph covering all possible atomic attacking paths, we utilize the Bayesian reasoning to deduce the success likelihood for all attacking paths and then make tracing to the most probable attack path with the Junction Tree algorithm to compute the posterior probability of a specific exploit relative to prior knowledge on attackers. Especially, vulnerability exploit possibility is quantified by weighing the environmental factors and the non-environmental factors based on cyber-attack features.