Attack graphs deduce the attack paths based on the identified vulnerabilities, the existing network topology, and the applied network access controls. The exploitation likelihood of the paths derived from the Common Vulnerability Scoring System (CVSS) values of the vulnerabilities provides an important input to risk assessments. This paper focuses on the identification of attacker skill levels required for exploiting the attack paths. First, we elicited expert knowledge for the determination of skill level categories and their detailed descriptions. Second, we systematically applied the elicited knowledge to the attack graphs. This skill level categorization method can provide a significant contribution to the design of hands-on offensive cyber games as it enables to balance the skills of participants and difficulty of game tasks. It also improves the threat analysis capability of organizations by demonstrating the possible infiltration ways of threat actors depending on their skill levels.
Terézia Mézesová, Hayretdin Bahsi
2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)