Graph-based Model and Practical Algorithm for Combating Cyberattack Threats in DCCN
Eugene (Evgeni) Levner, Dmitry Tsadikovich, Vladimir Vishnevsky
20m
Popular open-source frameworks are used today to combat attack threats in DCCNs automatically. However, they cannot visualize logical conditions when representing the network protocol vulnerabilities used in attacks such as ARP poisoning, DNS spoofing, and SYN flooding, and they do not support advanced types of network communication such as wireless, vehicle, and tethering communications. To address these shortcomings, we present an AND/OR attack graph-based security model for DCCNs that can model multiple attack types (e.g., spoofing and man-in-the-middle, among many others). A novel, efficient algorithm is proposed for extracting the most vulnerable attack paths from AND/OR attack graphs. Unlike previous heuristic pathfinding algorithms, the proposed algorithm runs in polynomial time and efficiently handles cycles of positive length. We demonstrate the efficiency of the proposed model and the novel algorithm on a testbed implementing a network architecture comprising IT and industrial components.
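To make the AND/OR model concrete, the following added example (not the authors' algorithm or code) runs a Knuth-style generalization of Dijkstra's algorithm over a small AND/OR attack graph and returns the lowest-effort exploit sequence a defender should harden first. The graph, the condition and exploit names, the effort values, and the cost model (an exploit costs its own effort plus the sum of its preconditions' costs) are all assumptions constructed for illustration.

```python
import heapq

# Constructed sample AND/OR attack graph (not from the paper).
# exploit -> (attacker effort >= 0, preconditions that must ALL hold, conditions gained)
EXPLOITS = {
    "arp_poisoning":  (2, ["attacker_on_lan"], ["mitm"]),
    "dns_spoofing":   (3, ["mitm"], ["dns_forged"]),
    "rogue_dhcp":     (6, ["attacker_on_lan"], ["dns_forged"]),
    "keep_poisoning": (1, ["dns_forged"], ["mitm"]),        # closes a cycle
    "session_hijack": (4, ["mitm", "dns_forged"], ["hmi_access"]),
}

def cheapest_attack(exploits, initial, goal):
    """Return (effort, ordered exploit list) for the cheapest derivation of goal, or None."""
    best = {c: 0.0 for c in initial}     # OR node: min effort over enabling exploits
    via, done = {}, set()
    missing = {e: len(set(pre)) for e, (_, pre, _) in exploits.items()}
    users = {}
    for e, (_, pre, _) in exploits.items():
        for c in set(pre):
            users.setdefault(c, []).append(e)
    heap = [(0.0, c) for c in initial]
    heapq.heapify(heap)

    def fire(e):                          # AND node: all preconditions are settled
        cost, pre, post = exploits[e]
        total = cost + sum(best[c] for c in set(pre))   # shared steps count per use
        for c in post:                    # settled conditions are never reopened
            if c not in done and total < best.get(c, float("inf")):
                best[c], via[c] = total, e
                heapq.heappush(heap, (total, c))

    for e, n in missing.items():
        if n == 0:
            fire(e)
    while heap:
        _, c = heapq.heappop(heap)
        if c in done:                     # stale heap entry
            continue
        done.add(c)
        for e in users.get(c, []):
            missing[e] -= 1
            if missing[e] == 0:
                fire(e)
    if goal not in done:
        return None
    plan = []
    def expand(c):                        # walk the chosen exploits, preconditions first
        e = via.get(c)
        if e is not None and e not in plan:
            for p in exploits[e][1]:
                expand(p)
            plan.append(e)
    expand(goal)
    return best[goal], plan
```

Because every effort value is non-negative, conditions are settled in non-decreasing cost order, so the cycle through `keep_poisoning` cannot lower an already settled cost and the loop terminates.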