TargetNodeRank — Target-Specific Node Ranking in Attack Graphs
摘要
Cyberinfrastructures are growing in size and with increased complexity in network connections. It becomes more challenging to assess the risk associated with the business-critical assets in the infrastructure. Attack graphs have been a smarter approach to represent the cyberinfrastructure and to perform the risk assessment. The ranking nodes in attack graph based on the adaptation of Google’s PageRank algorithm have been a proven and effective technique in identifying influential nodes. However, PageRank alone lacks adequately considering the specific importance of nodes relative to a target node in the attack graph. This paper proposes TargetNodeRank, an integration of additional graph-based metrics in the PageRank algorithm, to rank the node significance in relation to specific targets with low complexity. It incorporates the graph-based metrics such as betweenness centrality and PageRank algorithm to rank target specific nodes. The evaluation of the proposed TargetNodeRank is carried out on different attack graphs. The results show that it achieves a reasonably high level of accuracy against the Brute force approach compared to node ranking by PageRank algorithm alone. In conclusion, TargetNodeRank demonstrates an effective solution for the security assessment of business-critical assets in the cyberinfrastructure.