Towards automated generation and visualization of hierarchical attack representation models

Attack Graphs (AGs) are a well-known formalism and there are tools available for AG generation and security risk analysis. The security posture of a networked system can be evaluated via an AG. However, as the size of the system becomes large, the AG suffers from the state-space explosion problem. Scalable security models have been developed to cope with this issue. Hierarchical Attack Representation Models (HARMs) is one of the scalable security models, the core idea of HARM is to separate the system representation into two layers; an upper layer (reachability) and a lower layer (vulnerability). In this paper, we propose a novel security modeling and analysis framework named Safelite that (i) automatically converts an AG into a HARM and (ii) visualizes the HARMs with relevant security information, respectively. We present the design and implementation of Safelite using example networks