GARNET : a Graphical Attack graph and Reachability Network Evaluation Tool

Author(s)
Williams, Leevar (Leevar Christoff)
Thumbnail
DownloadFull printable version (3.316Mb)
Alternative title
Graphical Attack graph and Reachability Network Evaluation Tool
Other Contributors
Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.
Advisor
Richard P. Lippmann.
Terms of use
M.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission. http://dspace.mit.edu/handle/1721.1/7582
Metadata
Show full item record
Abstract
Attack graphs are valuable tools in the assessment of network security, revealing potential attack paths an adversary could use to gain control of network assets. Creating an effective visualization for attack graphs is essential to their utility, but many previous efforts produce complex displays that are difficult to relate to the underlying networks. This thesis presents GARNET (Graphical Attack graph and Reachability Network Evaluation Tool), an interactive visualization tool intended to facilitate the task of attack graph analysis. The tool provides a simplified view of critical steps that can be taken by an attacker and of host-to-host network reachability that enables these exploits. It allows users to perform "what-if" experiments including adding new zero-day attacks, following recommendations to patch software vulnerabilities, and changing the attacker starting location to analyze external and internal attackers. Users are able to view a set of attack graph metrics that summarize different aspects of overall network security for a specific set of attacker models. An initial user evaluation of GARNET identified problematic areas of the interface that assisted in the development of a more functional design.
Description
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2008.
 
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.
 
Includes bibliographical references (p. 101-102).
 
Date issued
2008
URI
http://hdl.handle.net/1721.1/46367
Department
Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.
Publisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.
Collections