Network Modelling in Analysing Cyber-related Graphs

Abstract: In order to improve the resilience of computer infrastructure against cyber attacks and finding ways to mitigate their impact we need to understand their structure and dynamics. Here we propose a novel network-based influence spreading model to investigate event trajectories or paths in various types of attack and causal graphs, which can be directed, weighted, and / or cyclic. In case of attack graphs with acyclic paths, only self-avoiding attack chains are allowed. In the framework of our model a detailed probabilistic analysis beyond the traditional visualisation of attack graphs, based on vulnerabilities, services, and exploitabilities, can be performed. In order to demonstrate the capabilities of the model, we present three use cases with cyber-related graphs, namely two attack graphs and a causal graph. The model can be of benefit to cyber analysts in generating quantitative metrics for prioritisation, summaries, or analysis of larger graphs.