Dynamic logic-based attack graph for risk assessment in complex computer systems

Nowadays, Information and Communication Technologies (ICT) play a significant role in our modern daily life. Computer networks breakdown can strongly impact everything in our life such as personal data, industrials, banks, oil pipelines, hospitals, nuclear reactors, military platforms, etc. Assessing their security is a necessity to reduce the risk of compromise by an attacker. Nevertheless, the actual solutions are rarely adapted to the high complexity of modern computer systems. They often rely on too much human work and the used algorithms do not scale well. Furthermore, the evolution of the system over time is rarely modeled and is therefore not considered in the evaluation of its security. This paper proposes a dynamic attack graph generation method allowing to model attack paths by considering the evolution of the system over time. We compute the probabilities of compromise of the system components by simulating several cyberattacks from the previously constructed dynamic attack graph. We tested our solution on a use case of several thousand of machines. The measured results demonstrate its ability to assess the threat in complex systems caused by combining exploitation of successive vulnerabilities.