Interactive analysis of attack graphs using relational queries
US8566269B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 31, 2007 |
| Grant date | Oct 22, 2013 |
| Priority date | — |
| Expiry date | Sep 18, 2029 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L41/149
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An attack graph analysis tool that includes a network configuration information input module, a domain knowledge input module, a network configuration information storage module, a domain knowledge storage module, and a result generation module. The network configuration information input module inputs network configuration information. The domain knowledge input module inputs domain knowledge for the network. The network configuration information storage module stores network configuration information in a network database table. The domain knowledge storage module stores the domain knowledge in an exploit database table. The result generation module generates a result using the network database table and exploit database table. The result may be generated in response to a query to a database management system that has access to the network database table and exploit database table. The network may be reconfigured to decrease the likelihood of future attacks using the attack information learned from the result.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.