By R. Colin Johnson
PORTLAND, Ore. - "Attack graphs" help predict the risk that hackers can
crack a computer system's security, plus identify its most vulnerable
resources, according to the National Institute of Science and Technology
By analyzing and assigning probabilities to every path a hacker could
use to penetrate a computer system, NIST hopes attack graphs will help
IT managers identify weak points that need to be patched to safeguard
Attack graphs, developed by NIST jointly with George Mason University,
calculate the vulnerability of each path into a computer system using
NIST's National Vulnerability Database (NVD). By assigning a probable
risk to various computer network pathways, the researchers hope to
secure computer systems from multistep attacks.
Each step in an attack is graphed with an assigned probability,
depending on its security level. For instance, its firewall, router and
various servers are each assigned a probability of being hacked, based
on information in the NVD.
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com