Towards metric-driven, application-specific visualization of attack graphs

Abstract

As a model of vulnerability information, attack graph has seen successes in many automated analyses for defending computer networks against potential intrusions. On the other hand, attack graph has long been criticized for the lack of scalability when serving as a visualization model for conveying vulnerability information to human analysts. In this paper, we propose two novel approaches to improving attack graph visualization. First, we employ recent advances in network security metrics to design metric-driven visualization techniques, which render the most critical information the most visible. Second, existing techniques usually aim at an one-size-fits-all solution, which actually renders them less effective for specific applications, and hence we propose to design application-specific visualization solutions for network overview and situational awareness. We discuss the models, algorithms, implementation, and simulation results.