Nondeterministic Buchi automaton, stream automaton, omega languages, linear temporal logic.
Parameters represented
Vulnerabilities on hosts, network topology information, cost of transitions, transition probability, quantified attacker rewards, damage/compromise network states. Bayesian learning is used to obtain information of network and hosts.
Automatic graph generation
Tools (NetSpa, MulVal, NAVIGATOR, BRITE, GT-ITM, and GARNET). Graphs up to 1000 s of nodes. Directed graphs with and without cycles are generated.
Properties analyzed
Properties captured in LTL of attack paths. Dynamic analysis provides a real time evaluation of network.
Violations detected
Network paths leading to exploits of individual host, break down of network paths.
Visualization
Tools (NAVIGATOR, GARNET, and NetSpa), methodology (separating host-vulnerability info and network-topology info in the graph, ranking of nodes of graph).
Recommendations derived
Least expensive and minimum number of cuts to break the attack paths. Identification of the most vulnerable and most affective hosts in the network to secure.
Computational complexity
Min cost SAT solving (MCSS) is used to calculate critical paths. Either with randomization like Monte Carlo methods or not, the analysis for the graph with hosts is between and .