skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: A Graph Analytic Metric for Mitigating Advanced Persistent Threat

Abstract

This paper introduces a novel graph analytic metric that can be used to measure the potential vulnerability of a cyber network to specific types of attacks that use lateral movement and privilege escalation such as the well known Pass The Hash, (PTH). The metric is computed from an oriented subgraph of the underlying cyber network induced by selecting only those edges for which a given property holds between the two vertices of the edge. The metric with respect to a select node on the subgraph is defined as the likelihood that the select node is reachable from another arbitrary node in the graph. This metric can be calculated dynamically from the authorization and auditing layers during the network security authorization phase and will potentially enable predictive deterrence against attacks such as PTH.

Authors:
;
Publication Date:
Research Org.:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1126353
Report Number(s):
PNNL-SA-96499
DOE Contract Number:  
AC05-76RL01830
Resource Type:
Conference
Resource Relation:
Conference: IEEE International Conference on Intelligence and Security Informatics (ISI 2013), June 4-7, 2013, Seattle, Washington, 129-133
Country of Publication:
United States
Language:
English
Subject:
cybersecurity; graph analytics; discrete mathematics

Citation Formats

Johnson, John R., and Hogan, Emilie A. A Graph Analytic Metric for Mitigating Advanced Persistent Threat. United States: N. p., 2013. Web. doi:10.1109/ISI.2013.6578801.
Johnson, John R., & Hogan, Emilie A. A Graph Analytic Metric for Mitigating Advanced Persistent Threat. United States. https://doi.org/10.1109/ISI.2013.6578801
Johnson, John R., and Hogan, Emilie A. 2013. "A Graph Analytic Metric for Mitigating Advanced Persistent Threat". United States. https://doi.org/10.1109/ISI.2013.6578801.
@article{osti_1126353,
title = {A Graph Analytic Metric for Mitigating Advanced Persistent Threat},
author = {Johnson, John R. and Hogan, Emilie A.},
abstractNote = {This paper introduces a novel graph analytic metric that can be used to measure the potential vulnerability of a cyber network to specific types of attacks that use lateral movement and privilege escalation such as the well known Pass The Hash, (PTH). The metric is computed from an oriented subgraph of the underlying cyber network induced by selecting only those edges for which a given property holds between the two vertices of the edge. The metric with respect to a select node on the subgraph is defined as the likelihood that the select node is reachable from another arbitrary node in the graph. This metric can be calculated dynamically from the authorization and auditing layers during the network security authorization phase and will potentially enable predictive deterrence against attacks such as PTH.},
doi = {10.1109/ISI.2013.6578801},
url = {https://www.osti.gov/biblio/1126353}, journal = {},
number = ,
volume = ,
place = {United States},
year = {Tue Jun 04 00:00:00 EDT 2013},
month = {Tue Jun 04 00:00:00 EDT 2013}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share: