Quantifying the severity of cyber attack patterns using complex networks

Abstract

This work quantifies the severity and likelihood of cyberattacks using complex network modelling. A dataset from common attack pattern enumerations and classifications (CAPEC) is collected and formalized as nodes and edges aiming at creating a network model. In this model, each attack pattern is represented as a node, and an edge is created between two nodes when there is a relation between them. The dataset includes 559 attack patterns and 1921 relations among them. Network metrics are used to perform the analysis on the network level and node level. Moreover, a rank of the CAPECs based on a complex network perspective is generated. This rank is compared with the CAPEC ranking system and deeply discussed based on cybersecurity perspective. The findings show interesting facts about the likelihood and severity of attacks. It is found that the network perspective should be given attention by the CAPEC ranking system. Finally, the results of this work can be of high interest to security architects.